Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Windows Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 our of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'm and they'll fall in line".
Permalink for comment 394196
To read all comments associated with this story, please click here.
RE[5]: Comment by simon17
by lemur2 on Thu 12th Nov 2009 01:44 UTC in reply to "RE[4]: Comment by simon17"
Member since:

"A script running in the web browser, outlook or the IM client, sent to the machine from some random on the net.
All operating systems are vulnerable to remote code execution bugs. In fact, the most recent serious vulnerability of this nature was a bug in the Java browser plugin and it affected all platforms. "

The point is that the many many thousands of malware payloads that could use such an exploit are virtually all Windows executables.

"An autostart script on a USB stick that was picked up when that stick was in another machine somewhwere (say, at the library, or at the photo print shop, or at the kids school).
Autorun on a USB stick was a brain dead idea and has finally been removed in Windows 7. "

Thank goodness. Why did it take Microsoft years to do that?

"Any hostile person who has unattended physical access to the machine for a few moments while it is logged on.
All operating systems are vulnerable to this. "

Nope. On secure systems, such a hostile person would require knowledge of a password in order to be able to elevate priveledges. On Windows 7, all that the same hostile person would have to do is click on 'allow'.

Reply Parent Score: 2