Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

11/9/2009
04:29 PM
50%
50%

Microsoft Says Sophos Overhypes Windows 7 Malware Threat

Says Sophos' methodology was flawed, in part because the testers did not take advantage of Microsoft security tools

Microsoft (NSDQ: MSFT) accused a software industry rival of overhyping tests results that purported to show security features in the new Windows 7 operating system fail to block 80% of malware threats.

"I'm not a fan of companies sensationalizing findings about Windows 7 in order to sell more of their own software," said Paul Cooke, Microsoft's director of Windows Enterprise Client Security, in a blog post Friday.

Cooke's blog came in response to an earlier post by Chester Wisniewski, senior security advisor at anti-virus software maker Sophos. Wisniewski said Sophos' tests revealed that Windows 7 is "vulnerable to 8 out of 10 viruses."

Sophos obtained its results by planting ten instances of known malware onto a PC running Windows 7. Only two were caught by the OS. "Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows," Wisniewski wrote.

"Lesson learned? You still need to run anti-virus on Windows 7," Wisniewski added in his post.

Microsoft's Cooke, however, countered that Sophos' methodology was flawed, in part because the testers did not take advantage of Microsoft security tools, such as Internet Explorer's SmartScreen filter, that are not directly part of Windows 7 but to which an ordinary user would have access.

"The SmartScreen filter will notify you when you attempt to download software that is unsafe—which the SophosLabs methodology totally bypassed in doing their test," wrote Cooke.

Still, Cooke said he agreed with Sophos' recommendation that Windows 7 users run anti-virus software on their PCs. "Users of any computer, on any platform, should run anti-virus software, including those running Windows 7," said Cooke.

It's not surprising that Microsoft is butting heads with third-party security vendors. The company to a degree undercut their business models earlier this year when it released Microsoft Security Essentials, which includes an anti-virus component, as a free download.

FBR Capital Markets analyst Daniel Ives has called MSE a "long-term threat" to security software makers, including Symantec (NSDQ: SYMC) and McAfee.

InformationWeek has published an indepth report on Windows 7. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-2393
PUBLISHED: 2020-11-23
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. This issue affects: MongoDB Inc. MongoDB Server v4.2 versions prior to 4.2.1; v4.0 versions prior to 4.0.13; v3.6 versions prior to 3.6.15.
CVE-2020-1778
PUBLISHED: 2020-11-23
When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid. This issue affects OTRS; 8.0.9 and prior versions.
CVE-2020-28421
PUBLISHED: 2020-11-23
CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.
CVE-2020-7777
PUBLISHED: 2020-11-23
This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no mention about the risks of untrusted schema files, so I assume that this is applicable. In partic...
CVE-2018-20802
PUBLISHED: 2020-11-23
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.9, v4.0 versions prior to 4.0.3.