Vista not immune to online threats

Security software vendor PC Tools has claimed that around 121,000 pieces of malware were detected on around 58,000 Vista machines in the ThreatFire community. They claim that these Vista machines had at least one piece of malware actively running on their system.

While IDC can’t comment on PC Tools’ figures, the analyst firm told CRN, end users still weren’t adequately protecting themselves from online threats.

According to PC Tools’ research, Windows Vista is still a long way from providing immunity to online threats, said Simon Clausen, chief executive officer, PC Tools.

“Further research and analysis has confirmed our contention that additional third-party protection is absolutely necessary for all Windows Vista users”, he said.

Clausen claimed additional investigation of the data also identifies the types of malware detected on Vista based machines. Their research machines show that 17 percent of all threats found on Vista machines were trojans, while worms accounted for 5 percent, spyware for 3 percent and viruses for 2 percent.

Online threats such as trojans, worms and spyware have the potential to seriously impact consumer privacy and security online. These threats can cause substantial damage by acting as backdoors for hackers to access personal and confidential information from the PC. PC's can also become integrated into a botnet and be used for malicious purposes, said Clausen.

He said all systems used in the research pool were at the very least running PC Tool’s ThreatFire and that because the technology is behavioural-based - the data refers to threats that actually executed and triggered its behavioural detection on the client machine.

“In response to alternative research from Microsoft’s Malicious Software Removal Tool (MSRT), PC Tools highlights that the MSRT is not a comprehensive anti-virus scanner, but a malware removal tool for a limited range of “specific, prevalent malicious software”.

Clausen said Microsoft's MSRT checks for a significantly smaller, specific range of malware than ThreatFire and other third-party products. It is therefore not surprising that the percentage of infections detected by the Microsoft MSRT is significantly smaller than what ThreatFire has detected, said Clausen.

Patrik Bihammar, senior analyst security solutions and system management software at IDC A/NZ told CRN that there are still consumer users who are not using antivirus and other types of anti-malware security solutions, despite a number of free software tools available from anti-virus vendors like AVG and PC Tools.

“End-users aren’t necessarily ignoring threats, online/Web based viruses are becoming more sophisticated and difficult to protect against with traditional detection mechanisms/tools. Web 2.0 threats are a growing challenge with malware being uploaded to "legitimate" popular Web sites infecting users unknowingly, who assume the Web sites are safe,” he said.

According to Bihammer IDC recommends more comprehensive security solutions.

“Microsoft themselves already offer Onecare for consumers and Forefront client security on top of MSRT. MSRT is mainly used as a "click & scan" tool i.e. you have to chose to run a scan to look for malware. Comprehensive third-party tools continuously look for malware,” he said.

security