How Internet criminals will evade Vista's safeguards

Think malware will fade away with Vista? Sorry. There's about as much chance of the thriving throngs of online criminals packing up shop as there is of Microsoft doing the same.

"Malware technology will evolve just like a business," says Vlad Gorelik, chief technology officer of Sana Security. "There are definitely improved protections [in Vista] with permissions control and things like that, but that type of protection could be overcome by malware."

Some malware can already do its nefarious work under Vista, while others will need only minor changes. Fake alerts and other social engineering tricks already in use will become more sophisticated and more common as methods for evading Vista's defences. You'll also likely see more Web-based threats able to steal data passing through any browser, and malware may hide more often in seemingly innocuous installation programs.

These threats and others will find a way around Vista's defences as long as there's a buck to be made -- but you can act to protect yourself.

Seamless shift

According to Gorelik, Microsoft's efforts to allow legacy XP software to run on Vista mean that many varieties of malware can easily make the jump along with legit programs. Some won't need to change at all; Gorelik says that out of a few hundred malware samples his company regularly works with on XP, about 30 percent ran happily under Vista without any modifications.

For those attack apps that might be blocked from installing surreptitiously by Vista's User Account Control (UAC), for instance, expect social engineering to play an ever greater role. UAC attempts to limit malware's reach into the system by denying malware automatic permission to change important system files. If a user or a program tries to make sensitive changes, a pop-up will appear that requires the user to okay the move. Attackers will employ social engineering tricks to get around that defense, or even to co-opt it.

Social engineering already exists in many forms -- as in (to take just one example) the never-ending flood of e-mails that purport to be from your Web mail provider, asking you to open an attached file explaining your password change. Symantec recently posted a warning about another, particularly well-crafted social engineering attack that appears as a Windows activation window.

Trust no one

The counter to social engineering is, of course, to stay sharp. More than ever, you should automatically distrust any unexpected e-mail attachment, even if it appears to come from a trusted friend or a site you do business with. The same goes for links in e-mail -- if you're in the habit of always using a bookmark or typing in the URL to access your accounts, you'll be safe if and when an e-mail comes along that's good enough to trick you.

But social engineering won't stop with e-mail. Both Gorelik and Joe Stewart, a senior security researcher with SecureWorks, expect social engineering to expand with attacks that purposely pop up a seemingly normal UAC prompt -- but if you OK it, you'll give malware a free pass to infect your computer.

These faked pop-ups could work, Stewart says, because people "have to make the right decision about what they're going to run every time. It just takes one thing to get through and disable UAC."


Erik Larkin

PC World