Vista launch: New OS vulnerable to common threats

Microsoft Vista is susceptible to common malware attacks that have been in the wild for more than two years, experts at Sophos warned this week.

The antivirus company explained that without additional security protection, Vista is unable to stop variants of Stratio, Netsky and MyDoom from infecting systems loaded with the new OS.

All three pieces of malware are well-known problems among security professionals, and Netsky and MyDoom have been infecting systems as long as two years ago. The three threats make up 39.7 percent of all malware currently circulating, according to Sophos' estimates.

Sophos explained that it found the weakness when it tested Vista for susceptibility to all of the programs on its November list of top ten most prevalent malware threats. Its researchers found that though Vista's upgrade of Outlook could identify and stop all of the threats on the top ten list, Stratio, Netsky and MyDoom were all able to infect the system when e-mail was accessed via a third-party web email client. Sophos warned that this can pose considerable risk for businesses that allow employees to access personal mail at work.

"There has been much speculation about whether Microsoft Vista would render existing malware extinct, and the news is now in - it won't," said Carole Theriault, senior security consultant at Sophos. "Users need to think carefully about whether their current solution is going to offer sufficient protection against such emerging threats, given that some vendors continue to experience problems adapting their software for the Vista operating environment."

Like most major security vendors, Sophos has not put a Vista-ready product on the market yet. The company expects to release its Vista security product during the first quarter of 2007.

Click here to email Ericka Chickowski.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.