Could Existing Malware Infect Vista?

Microsoft has touted Vista as a more secure version of Windows, but on the day of Vista's official launch, a security company has identified malware already in circulation that can infect computers running the OS.

Sophos Says Vista Vulnerable to Worms

Sophos identified three viruses typically spread through e-mail that can infect Vista customers who use a third party Web e-mail client. While Vista's e-mail client stops Stratio-Zip, Netsky-D, and MyDoom-O, the malware slips past Vista's defenses when users receive infected messages through a Web-based e-mail service, Sophos said.

Stratio-Zip topped Sophos' list of malware affecting computer users in the month of November, accounting for 33.3 percent of malware in circulation. Combined, the three viruses that can affect Vista users make up 39.7 percent of all malware in circulation during the month, Sophos said.

However, even if the malware Sophos identified slips through in an e-mail, customers won't necessarily be affected, another researcher said.

New Security Measures Work, Says F-Secure

Additional Vista security mechanisms should protect users, said Mikko Hypponen, chief research officer at F-Secure. If a customer opens an infected malware file, Vista would warn and question the user before allowing the malware to wreak havoc. "These particular examples of malware probably wouldn't still be able to successfully infect the machine unless the user specifically allows it," he wrote in an e-mail exchange.

Sophos applauded the security improvements in Vista, saying that the variety of popular third party applications used by consumers inevitably will open doors to hackers.

For more Vista information, tips, and answers to frequently asked questions, subscribe to PC World's Windows Vista newsletter.

McAfee and Symantec: Vista not Secure

Other antivirus companies haven't been so kind. McAfee has been highly critical of changes in the operating system that it says will make Vista less secure than previous versions of Windows. Symantec said it has discovered vulnerabilities in Vista's networking software which makes it less stable than Windows XP.

Sophos found that overall, the proportion of infected e-mail remained low in November at 0.28 percent, but identified a record number of new threats, 7,612, during the month.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
  
Shop Tech Products at Amazon