funsec mailing list archives

RE: Microsoft blames Vista insecurity on thirdparty applications


From: "Fergie" <fergdawg () netzero net>
Date: Thu, 21 Dec 2006 00:47:34 GMT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- Larry Seltzer <Larry () larryseltzer com> wrote:

Here's the quick test:  Drop the .exe on the desktop and double-click
it.
Did you get infected?  Then you're not immune. 

How did you get the executable? That's the point Allchin is making. The
usual vector is e-mail and any Microsoft e-mail client for the last 5+
years blocks them by default. (Web mail is very popular now, but all the
major ones are AV-scanned.) 

As Nick pointed out, there are other potential vectors for this malware,
open shares and stuff like that. I suspect these are much harder to get
through in Vista than in XP, even SP2. It would be interesting to gather
a good collection of the vectors actually in use and compare their
status in Vista to previous versions. I'll start talking to vendors
about it.

The real issue here is what happens when someone clicks on an
embedded link in an e-mail (given the webmail example you give
above) that is a malware executable -- this has become an enormous
problem lately.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.2 (Build 4075)

wj8DBQFFidmfq1pz9mNUZTMRAlXgAKCdJZ7kX+oOXsoKdISPooVtdhILnwCeOhJW
gKZlYoPwk2GtfyXy96J8mU8=
=Torz
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

