by Playfuls Staff |
31st January 2007
SEATTLE/SAN FRANCISCO (Reuters) - Computer hackers are off
and running trying to find vulnerabilities in Microsoft Corp.'s
new Windows Vista operating system, putting to test the
software maker's claim that it is the most secure Windows
program ever. [more]
The new version of Windows, the computer operating system
that runs over 95 percent of the world's computers, became
available to consumers on Tuesday after five years of
development and a number of delays to improve security.
A high-profile new product like Windows Vista draws
interest from the entire spectrum of the computer security
industry, ranging from hackers trying to exploit a breach for
criminal means to researchers looking to make a name for
themselves as security experts.
"For sure, people are hammering away on it," said Jeff
Moss, the organizer of Defcon, the world's largest hacking
convention. "If you are a bad guy and you find a problem, you
have a way to spread your malware and spyware."
Most security experts see Vista as a more secure operating
system than its predecessor, Windows XP, but even Microsoft
acknowledges it's not impenetrable and attackers will
undoubtedly look for a way in.
Attackers can use spyware programs to monitor a computer
remotely and collect personal information on a user. They can
also control machines remotely to attack Web sites, send spam
e-mail or defraud online advertisers.
Vista's comes with built-in anti-spyware software, and new
account controls curb the ability of users to unintentionally
install harmful programs. The high-end versions come with a
feature called BitLocker that encrypts a computer's hard drive
in the case of a lost or stolen machine.
"We know from the outset that we won't get the software
code 100 percent right. No one does in the entire software
industry ... but Windows Vista has multiple layers of defense,"
said Stephen Toulouse, senior product manager at Microsoft's
trustworthy computing group.
Windows Vista runs over 50 million lines of software code
and Redmond, Washington-based Microsoft invested $6 billion (3
billion-pound) to develop the first new operating system since
it released Windows XP in October 2001.
Microsoft's ability to protect Windows from attackers is
seen as a critical litmus test for a product that generated
more than $10 billion in sales last year, especially to large
institutional customers who are extra careful.
Another key element in Microsoft's plan to combat attacks
will be automatic Windows updates sent to Vista users to patch
up vulnerabilities and changes to its anti-spyware products.
In the past, attackers honed in on vulnerabilities in the
core Windows operating system, but those types of attacks are
being cast aside for attacks from e-mail, instant messaging and
applications downloaded from the Web.
"In the past with XP, they could attack the operating
system itself to infect you. Today the OS is stronger but
threats can still get on your system," said Oliver Friedrichs,
director of emerging technologies at security software maker
Symantec Corp.
Johannes Ullrich, a cyber security expert at the SANS
Institute research group, expects hackers are working furiously
to win recognition as the first to find and publicize a
security hole in Vista.
He also cautioned that hackers would still be able to
launch attacks by taking advantage of vulnerabilities in
Internet Explorer and Microsoft Office, and warned that
criminals would hold off on exploiting holes until more users
adopt Vista.
"Being the first to write an exploit for Vista is something
a lot of people would like to do," Ullrich said in a telephone
interview. "But ultimately any exploit will be used for
financial gain."
By Daisuke Wakabayashi and Michael Kahn(c) Reuters 2007. All rights reserved. Republication or redistribution of Reuters content, including by caching, framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters and the Reuters sphere logo are registered trademarks and trademarks of the Reuters group of companies around the world.
