Microsoft: Third party software's to blame for Vista hacks
Tue Nov 4, 2008 12:03PM EST
See Comments (5)
This week Microsoft is revealing a troubling flaw in its
vaunted efforts to lock down the operating system: It seems you can secure the
operating system pretty well, but once users install third-party applications
on their computers things go downhill fast. Hackers are starting to figure out
that it's much easier to attack these applications, which often have far fewer
security measures in place but are almost as widespread in installation as
Windows itself.
Things aren't all doom and gloom. Overall, Microsoft says that total security vulnerabilities for the first half of 2008 are down slightly from where they were in the second half of 2007, though that's still above where things were through the end of 2005. 47 percent of browser-based attacks were reported by Chinese users, with 23 percent reported by the U.S.
But the big news is how third-party software exploits has consumed this market: Windows XP users find that third-party exploits account for 58 percent of all browser-based attacks. And for Windows Vista, over 94 percent of browser-based attacks target third-party software.
Note that "browser-based attacks" doesn't mean that malware attacks the web browser itself, just that they enter the computing environment while the user is using a browser on the web -- usually visiting a malicious or hacked website. QuickTime, WinZip, and RealPlayer are commonly targeted apps, for example. Microsoft's own apps comprise five of the top 10 most-targeted apps for XP users, but all of the top 10 apps on Vista are from other vendors.
So there you have it: Windows may be more secure than ever, but the programs that run on it appear to be totally busted, security-wise. What can you do about it? Same thing you've always done: Patch Windows with Microsoft's automated Windows Update system, make sure you have an up-to-date anti-malware program up and running at all times, and use common sense when browsing the web and opening email from strangers.
Get additional relevant details from Microsoft's "Key Findings" by clicking here -- or you can read the entire 150-page monster at this link. Both are PDFs.
Top 5 Posts
Comments on Microsoft: Third party software's to blame for Vista hacks
Post a Comment
Join in the discussion. Here you'll see the comments in the order they were posted.
-
2 Posted by joshm2k5 on Thu Sep 3, 2009 4:41PM EDT Report Abuse
Almost sounds as though Microsoft is pushing the blame of their failed operating system to other people.
-
3 Posted by d_gunde on Thu Sep 3, 2009 3:50PM EDT Report Abuse
Right, and what was wrong with Vista exactly? If I remember correctly driver issues fall with the hardware company, and Vista runs fine if you actually pay attention to system specs. Besides, if you want to avoid virus problems, adware, malware, ect..., use common sense when downloading things.
-
4 Posted by shadowman_26 on Thu Sep 3, 2009 9:15PM EDT Report Abuse
That's cuz it is 3rd party vendors who are at fault!!! Just the same as drivers issues. Blame the hardware manufacturer for not making a Vista driver, not Microsoft.
-
5 Posted by agustin2489 on Thu Sep 3, 2009 2:47PM EDT Report Abuse
On this, I agree. My Vista laptop hasn't gotten a virus, or much else for that matter. It's not right to ask just Microsoft to check their code for vulnerabilities; third-party software should also be as secure as possible.
Sponsored Links
My Tech
Please enable your browser's cookies to activate the My Tech column.
Also on Yahoo! Tech
| Computers | Home Office | Wi-Fi & Networking | Phones & PDAs | Cameras & Camcorders | TV & Home Theater | Portable Audio |
|---|---|---|---|---|---|---|
1 Posted by gullwingdoors on Thu Sep 3, 2009 4:14PM EDT Report Abuse
Hmm, and people wonder why I never use Quicktime, WinZip, or RealPlayer. Use VLC, MediaMonkey, 7-zip, and Media Player classic with Real Alternative instead.