- +
Your World. . . Hacked 02/10/2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network - +
Strategies for Dealing With IT Complexity 24/12/2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business. - +
9 Paths to Higher Performance 10/12/2007 14:09:23
When an organization brings together talented people in a creative, collaborative environment it fosters a culture of high performance, which in turn leads to superior business resultsLike high-achieving individuals, some organizations seem to have the Midas touch. Virtually every initiative they touch earns them gold and even those that fail never seem to cost them much of anything at all
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Enterprise Wireless WLAN Security
Dude! You Say I Need an Application-Layer Firewall?!
Still Sneaking In: The Threats Your Security Tools Aren't Telling You About
Did you GET the memo? Getting you from Web 1.0 to Web 2.0 Security
Mimosa™ NearPoint™ for Microsoft® Exchange Server: Email Archiving 101
Why Security SaaS Makes Sense Today
Cutting printer costs
Mobile Solutions Deliver Improved Efficiency to Star Track Express
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Microsoft's much-touted security enhancements in Windows Vista have made it a safer operating system than previous versions of Windows, but it is still open to attack from legacy malicious code.
That's the major finding of a research study by Symantec that dissected security in the new operating system. Symantec released the results of its study Wednesday.
The goal of the effort was to determine whether new security technologies in Vista could protect against risks posed by legacy malicious code, said Ollie Whitehouse, a member of Symantec's advanced threat research team. All of the tests were performed on a Vista system running in a 32-bit environment using samples of existing worms, viruses, Trojan horses, keyloggers and other samples from Symantec's malicious code library.
What the results show is that although the percentage of successful attacks against Vista using existing malicious code is low, "there are threats that can execute and survive within the new Vista security model," he said. Because malicious code writers don't have to make many changes to get their code to run successfully against Vista, "it demonstrates to us that the knowledge to develop malicious code" against the operating system already exists, he said.
Symantec's research is useful and "injects some realism" into Microsoft's claims about Vista security, said Andrew Jaquith, an analyst at Yankee Group Research in Boston. "On the other hand, you've got to acknowledge that there is quite a bit of self-interest involved here in Symantec trying to show their tools are still relevant in the new world. To me this is both enlightening and entertaining."
Symantec's findings are based on a study of various new security enhancements in Vista including generic exploit mitigation technologies to protect against common classes of vulnerabilities such as buffer and heap overflows, kernel protection technologies such as driver signing and PatchGuard, and Microsoft's User Account Control (UAC), which is supposed to reduce risks by forcing users to run in a restricted environment and not as administrators.
Symantec's results showed that even with such technologies, about 3 percent of existing back doors and about 4 percent of existing keyloggers can successfully be installed on a Vista system and survive a reboot without any modifications to the code. In addition, 4 percent of existing mass mailers and 2 percent of Trojan horses and spyware programs tested successfully infected Vista, Whitehouse said.
No kernel-based tool kits however were able to penetrate Vista's defenses -- largely because of the limited privileges that UAC imposes on users by default, Symantec noted. However, the kernel can be penetrated if an attacker were able to elevate the privilege level to that of an administrator, at least in a 32-bit Vista environment, according to Symantec.
"The kernel integrity protection mechanisms that are present on 64-bit Windows Vista can only be described as a bump in the road," Symantec said. "That is, while these technologies may slow down an attacker, they do not provide a meaningful defense against a determined attacker."
"Much has been done with Vista" to improve its security, Whitehouse said. But the efforts are mainly focused on threats to the operating system itself, even as attackers have begun focusing on other things such as e-mail, instant messaging and Web-based attacks, he said.
"I think malware writers are going to take a careful look" at Vista's weaknesses, Jaquith said. For example, the backward compatibility that Microsoft has had to integrate into the operating system, which was offered to consumers starting on Jan. 30, presents a potential soft spot. Similarly, new communications protocols supported by Vista -- and the fact that Microsoft has rewritten the entire TCP/IP stack around the operating system -- are potential targets for malware researchers.
"That said, we have always believed the measures Microsoft has taken in Vista is going to make it much harder for malware writers to create damage," he said.
Russ Humphreys, Microsoft product manager for Vista security, said the company is "evaluating" the information provided by Symantec, particularly issues in the operating system's GS Flag technology and its Address Space Layout Randomization feature.
"It is important to note that none of the security features in Windows Vista, either individually or collectively, are intended as a 'silver bullet' solution to the problem of computer security," Humphreys said in en e-mailed comment. "Instead, our defense-in-depth approach makes Windows Vista far more difficult to attack than any previous version of Windows, thus making it more secure." He said that Vista reflects a "right balance" between usability and security.
"This report does not properly address the fact that many of the Window Vista security technologies have numerous options that allow for a user to make their own judgments as to their need for security balanced against usability," he said.
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 2008-09-05 11:05:00+10
F-Secure delivers fastest protection in the online world 2008-09-04 16:50:00+10
NETGEAR expands ProSafe team as business-class products take off in SME market 2008-09-04 16:27:00+10
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 2008-09-04 16:00:00+10
Adaptec Intelligent Power Management Reduces Storage Power Consumption Up to 70 Percent 2008-09-04 11:28:00+10
An EMC Perspective on Data De-Duplication for Backup
Explore the factors that are driving the need for de-duplication and the benefits of data de-duplication as a feature of an organizations backup strategy.
