EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

12.11.09

Trend Micro: Vista 7 Less Secure Than Vista

Posted in Microsoft, Security, Vista, Vista 7, Windows at 4:47 am by Dr. Roy Schestowitz

UAC

Summary: Trend Micro’s assessment of Vista 7 concurs with previous analyses which say that Vista 7 is a step back when it comes to security

ON several occasions in the not-so-distant past, experts warned that Vista 7 is even less secure than Windows Vista. To give previous examples of security issues in Vista 7:

  1. Cybercrime Rises and Vista 7 is Already Open to Hijackers
  2. Vista 7: Broken Apart Before Arrival
  3. Department of Homeland Security ‘Poisoned’ by Microsoft; Vista 7 is Open to Hijackers Again
  4. Vista 7 Security “Cannot be Fixed. It’s a Design Problem.”
  5. Why Vista 7 Could be the Least Secure Operating System Ever
  6. Journalists Suggest Banning Windows, Maybe Suing Microsoft Over DDoS Attacks
  7. Vista 7 Vulnerable to Latest “Critical” Flaws
  8. Vista 7 Seemingly Affected by Several More “Critical” Flaws This Month
  9. Reason #1 to Avoid Vista 7: Insecurity
  10. Vista 7 Left Hijackable Again (Almost a Monthly Recurrence)

Now comes yet another firm, Trend Micro, claiming that Vista 7 is less secure than Windows Vista:

Windows 7 is less secure out-of-the box than Vista, despite Redmond’s protestations to the contrary, a top security firm has claimed.

Trend Micro said that the default configurations of Windows 7 are less secure than Vista. Raimund Genes, CTO of Trend Micro, said that Windows 7 had sacrificed security for useability – at least for default configurations.

We shall continue to keep track of such important claims.

In other (in)security news yesterday:

i. Scareware slingers flaunt fake MS endorsement

Surfers visiting the URL on the Windows Support site referenced in the scareware from a clean PC will get a 404 ‘page not found’ message. Hacked PC victims will see an apparent endorsement.

ii. Potent malware link infects almost 300,000 webpages

A security researcher has identified a new attack that has infected almost 300,000 webpages with links that direct visitors to a potent cocktail of malicious exploits.

iii. How many people fall victim to phishing attacks?

According to a recently released report, based on a sample of 3 million users collected over a period of 3 months, approximately 45% of the time, users submitted their login information to the phishing site they visited.

The important point to remember is that Vista 7 changes nothing as far as security is concerned. Microsoft and/or its apologists love to defend Windows using the talking point that security issues are the fault of people who do not migrate to the latest version of Windows. It’s a sales pitch.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

12 Comments

  1. Yuhong Bao said,

    December 12, 2009 at 11:32 pm

    Gravatar

    “To give previous examples of security issues in Vista 7:“
    I already explained or debunked some of the previous ones. On this one, it is about default configurations of Vista and 7, and I am sure that most of the defaults can be changed.

  2. Yuhong Bao said,

    December 12, 2009 at 11:34 pm

    Gravatar

    On Linux default configurations, one of the most famous disasters was to allow any local users to install packages by default:
    http://lwn.net/Articles/362771/

    your_friend Reply:
    December 13th, 2009 at 12:46 pm

    That article in LWN is surprisingly rude and ill informed. It is rude because it paints the changes as ignorant and arrogant if not malicious. It is ill informed because the result is not really a big deal. I would not configure my system that way but I would not be so rude to a software maintainer about it. We’re talking about free software here, love it or change it. Outrage is only proper in the non free software world, where the user has traded their rights for promises of care. Why do you equate the obligations in two models which have such clear differences?

    More fundamentally, why do you try to equate Microsoft and Unix insecurity? Both systems have 30 year security histories and one is obviously better than the other which requires a useless, often abusive, monthly patch. Microsoft’s insecurity is a blight on the internet. Vista and Windows 7 are just as bad as any previous version of Windows. Claims of better security have been made of every previous version, usually with detailed technical descriptions that ignore fundamental flaws that allow attackers remote, root level access. With so long a history of failure, it is unreasonable to expect a change.

    Malicious claims of flaws in competing software is part of Microsoft’s criminal behavior. Their agents religiously defend Windows and make vague threats of doom for others. They have said the same things about Netscape, Mac OS, Unix and GNU/Linux. This has gone on for so long, it is surprising to see that Microsoft credibility lives on.

    Yuhong Bao Reply:
    December 19th, 2009 at 4:16 am

    “Both systems have 30 year security histories and one is obviously better than the other which requires a useless, often abusive, monthly patch.”
    It is not that simple.
    “Malicious claims of flaws in competing software is part of Microsoft’s criminal behavior. ”
    One of the most recent is when MS tried to FUD Chrome Frame.
    “usually with detailed technical descriptions that ignore fundamental flaws that allow attackers remote, root level access.”
    Really, is NT really that fundamentally flawed? I don’t think so, look at ReactOS

    Roy Schestowitz Reply:
    December 19th, 2009 at 4:39 am

    “Malicious claims of flaws in competing software is part of Microsoft’s criminal behavior. ”
    One of the most recent is when MS tried to FUD Chrome Frame.

    Or Google search.

    your_friend Reply:
    December 19th, 2009 at 10:11 am

    Yes, NT was fundamentally flawed. The security record speaks for itself. I know people who had NT hosed over like any other version of Windows. It’s all the same.

    Yuhong Bao Reply:
    December 19th, 2009 at 3:17 pm

    http://www.reactos.org/en/about.html

    Roy Schestowitz Reply:
    December 19th, 2009 at 3:21 pm

    I’ve taken a look. You have to remember their bias though; they need to justify their own choices.

    your_friend Reply:
    December 19th, 2009 at 9:18 pm

    NT as is flawed as it and it’s descendents are worse. That is the well established record. A free software implementation of NT will be better than the thing that Microsoft’s team of poached VMS engineers could throw together but it won’t be NT if it fixes NT’s fundamental and implementation flaws. I consider access control lists poor design, but what do I know? So here are words of wisdom from people who do know. Michael Feathers,

    a willingness to live with a little less to avoid the bigger mess and a willingness to see elegance in the real rather than the vision

    and the famous words of someone who knows all about legacy code, Michael Feathers

    Those who don’t understand UNIX are doomed to reinvent it, poorly.

    Reactos is a nice effort but it’s hard to take seriously anyone who’d say the crazy things on that about page. It would be nice to have a free implementation of Windows to run other user hostile legacy programs. The about page, however, reads like something from Microsoft’s “Get the facts” pages. Someone who knows better should clean that embarrassing mess up.

    your_friend Reply:
    December 20th, 2009 at 3:16 pm

    NT is flawed as it is. That’s how the last one should have started. I’m not sure what happened to make it so incoherent looking.

    Roy Schestowitz Reply:
    December 13th, 2009 at 2:36 pm

    Wasn’t this reversed?

    Yuhong Bao Reply:
    December 19th, 2009 at 4:11 am

    Yes, it was.

What Else is New

  1. Links 20/5/2018: KDevelop 5.2.2 and 5.2.3, FreeBSD 11.2 Beta 2

    Links for the day

  2. Aurélien Pétiaud's ILO Case (EPO Appeal) an Early Sign That ILO Protects Abusers and Power, Not Workers

    A famous EPO ‘disciplinary’ case is recalled; it’s another one of those EPO-leaning rulings from AT-ILO, which not only praises Battistelli amid very serious abuses but also lies on his behalf, leaving workers with no real access to justice but a mere illusion thereof

  3. LOT Network is a Wolf in Sheep's Clothing

    Another reminder that the "LOT" is a whole lot more than it claims to be and in effect a reinforcer of the status quo

  4. 'Nokification' in Hong Kong and China (PRC)

    Chinese firms that are struggling resort to patent litigation, in effect repeating the same misguided trajectories which became so notorious in Western nations because they act as a form of taxation, discouraging actual innovation

  5. CIPU is Amplifying Misleading Propaganda From the Chamber of Commerce

    Another lobbying event is set up to alarm lawmakers and officials, telling them that the US dropped from first to twelfth using some dodgy yardstick which favours patent extremists

  6. Patent Law Firms That Profit From Software Patent Applications and Lawsuits Still 'Pull a Berkheimer' to Attract Business in Vain

    The Alice-inspired (Supreme Court) 35 U.S.C. § 101 remains unchanged, but the patent microcosm endlessly mentions a months-old decision from a lower court (than the Supreme Court) to 'sell' the impression that everything is changing and software patents have just found their 'teeth' again

  7. A Year After TC Heartland the Patent Microcosm is Trying to 'Dilute' This Supreme Court's Decision or Work Around It

    IAM, Patent Docs, Managing IP and Patently-O want more litigation (especially somewhere like the Eastern District of Texas), so in an effort to twist TC Heartland they latch onto ZTE and BigCommerce cases

  8. Microsoft Attacks the Vulnerable Using Software Patents in Order to Maintain Fear and Give the Perception of Microsoft 'Safety'

    The latest patent lawsuits from Microsoft and its patent trolls (which it financially backs); these are aimed at feeble and vulnerable rivals of Microsoft

  9. Links 19/5/2018: Mesa 18.0.4 and Vim 8.1

    Links for the day

  10. Système Battistelli (ENArque) at the EPO is Inspired by Système Lamy in Saint-Germain-en Laye

    Has the political culture of Battistelli's hometown in France contaminated the governance of the EPO?

  11. In Australia the Productivity Commission Decides/Guides Patent Law

    IP Australia, the patent office of Australia, considers abolishing "innovation patents" but has not done so yet (pending consultation)

  12. Fishy Things Noticed Ahead of the Passage of a Lot of EPO Budget (Applicants' Money) to Battistelli's Other (and Simultaneous) Employer

    Observations and odd facts regarding the affairs of the council in St Germain; it certainly looks like Battistelli as deputy mayor and the mayor (Arnaud Péricard) are attempting to hide something

  13. Links 18/5/2018: AsteroidOS 1.0 Released, More Snyk/Black Duck FUD

    Links for the day

  14. Today's EPO Financially Rewards Abuses and Violations of the Law

    Battistelli shredded the European Patent Convention (EPC) to pieces and he is being rewarded for it, perpetuating a pattern of abuses (and much worse) being rewarded by the European Patent Organisation

  15. So-Called 'System Battistelli' is Destroying the EPO, Warn Insiders

    Low-quality patent grants by the EPO are a road to nowhere but a litigious climate in Europe and an unattractive EPO

  16. Rise in Patent Trolls' Activity in Germany Noted Amid Declining Patent Quality at the EPO

    The UPC would turn Europe into some sort of litigation ‘super-state’ — one in which national patent laws are overridden by some central, immune-from-the-law bureaucracy like the EPO; but thankfully the UPC continues its slow collapse

  17. EPO's Battistelli Taking Days Off Work for Political 'Duties' (Parties) in His French Theatre Where He'll Bring Buckets of EPO Budget (EPO Stakeholders' Money)

    More tales from Saint-Germain-en-Laye...

  18. Links 16/5/2018: Cockpit 168, GCompris 0.91, DHCP Bug

    Links for the day

  19. The EPO's 'Inventor Award' Scam: Part III

    An addendum to the "inventor of the year" affair, namely the case of Remmal

  20. Apple and Microsoft Are Still Suing Companies -- Using Patents of Course -- Which 'Dare' Compete (by Leveraging GNU/Linux)

    The vanity of proprietary software giants — as the latest news serves to reveal — targeting companies with patent lawsuits, both directly and indirectly

  21. The Anti-PTAB (Patent Quality), Anti-§ 101 Lobby is Losing Its Mind and It Has Become Amusing to Observe

    The rants about the Patent Trial and Appeal Board (PTAB), the courts and even the law itself have reached laughable levels; this reveals that the real agenda of patent maximalists is endless litigation and their methods boil down to those of an angry mob, not legal professionals

  22. EPO Has Become Overzealous About Software Patents, Probably More So Than Almost Anywhere Else

    The promotion of an extreme patent regime in Europe continues unabated; whether it succeeds or not depends on what EPO examiners and citizens of Europe can do

  23. Links 15/5/2018: Black Duck's Latest FUD and the EFF's EFFail FUD Debunked Further

    Links for the day

  24. Xiaomi, Samsung, TCL and Others Demonstrate That in a World With an Abundance of Stupid Patents Like Design Patents Nobody is Safe

    The "Cult of Patents" (typically a cabal of law firms looking to have everything on the planet patented) has created a battlefield in the mobile world; every company, once it gets big enough, faces a lot of patent lawsuits and dying companies resort to using whatever is in their "portfolio" to destroy everyone else inside the courtroom (or demand 'protection' money to avert lawsuits)

  25. A Google-Centric and Google-Led Patent Pool Won't Protect GNU/Linux But Merely 'Normalise' Software Patents

    Patent pools, which are basically the wrong solution to a very clear problem, continue to expand and promote themselves; the real solution, however, is elimination of abstract patents, notably software patents

  26. The Patent Microcosm is Still Looking for Ways to Bypass CAFC/PTAB Invalidation of Many US Patents

    In pursuit of patent maximalism (i.e. a status quo wherein US patents — no matter their age — are presumed valid and beyond scrutiny) pundits resort to new angles or attack vectors, ranging from the bottom (IPRs) to the top (Supreme Court)

  27. Inter Partes Reviews (IPRs) Make the United States a Much Better Place for Innovation and Creation

    Jim Logan of Personal Audio LLC (a patent troll) suffers one final blow and other news of interest serves to show just how valuable IPRs have become in the US

  28. The EPO Has Become Extremely Corrupt and Dishonest

    Corruption at the EPO is becoming an easy-to-see epidemic/problem, even if much of the media turns a blind eye to it (partly because of the corruption that's aimed at controlling media coverage)

  29. Reader's Post: The Last Delusion of Benoît Battistelli Before His Departure on June 30th

    “The last delusion of Battistelli before his departure next June 30″ — an informal article contributed by a Techrights reader

  30. It Doesn't Take a Genius to See That Microsoft Still Attacks GNU/Linux With Patents to Make Billions of Dollars in 'Protection' Money

    Intellectual Ventures, Finjan, RPX, and other Microsoft-connected trolls cannot be countered by LOT Network and the likes of it (notably OIN); Microsoft continues to shrewdly distribute patents to trolls, offering 'protection' from them (for a fee) and pressuring OEMs to bundle Microsoft 'apps' or risk retaliatory patent lawsuitsIntellectual Ventures, Finjan, RPX, and other Microsoft-connected trolls cannot be countered by LOT Network and the likes of it (notably OIN); Microsoft continues to shrewdly distribute patents to trolls, offering 'protection' from them (for a fee) and pressuring OEMs to bundle Microsoft 'apps' or risk retaliatory patent lawsuits

CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts