Vista and third party Virus scanners

http://news.bbc.co.uk/1/hi/technology/5399534.stm

I think this is a very bad move by Microsoft, maybe the first crack in
the empire if they see this one through!

Now where's that book on "Linix"
--
Keith (Southend)
http://www.southendweather.net
e-mail: kreh at southendweather dot net

Keith (Southend)

From: "Keith (Southend)" <>

| http://news.bbc.co.uk/1/hi/technology/5399534.stm
|
| I think this is a very bad move by Microsoft, maybe the first crack in
| the empire if they see this one through!
|
| Now where's that book on "Linix"

Here's something to add to this...

http://www.avertlabs.com/research/blog/?p=95

"What makes this attack interesting, is the fact that it appears that Microsoft’s antivirus
product added detection three days ago. The only public information on these threats is the
boiler plate Malicious Software Encyclopedia entries (which show an incorrect discovery date
of Sep 26, when virus definition files from Sep 23 detect):

a.. Exploit:Win32/Controlppt.W
b.. Exploit:Win32/Controlppt.X
There isn’t a public advisory from Microsoft; suggesting the Microsoft’s security team knew
of this in-the-wild attack but did not make the information public."


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

David H. Lipman

On Mon, 02 Oct 2006 21:25:53 +0100, "Keith (Southend)"
<> wrote:

>http://news.bbc.co.uk/1/hi/technology/5399534.stm
>
>I think this is a very bad move by Microsoft, maybe the first crack in
>the empire if they see this one through!

On previous versions Mcafee and Norton cause more problems
than they cure. Their products have outlived their usefulness.

>Now where's that book on "Linix"

Look under dyslexia

--
Jim Watt
http://www.gibnet.com

Jim Watt

David H. Lipman wrote:
> From: "Keith (Southend)" <>
>
> | http://news.bbc.co.uk/1/hi/technology/5399534.stm
> |
> | I think this is a very bad move by Microsoft, maybe the first crack in
> | the empire if they see this one through!
> |
> | Now where's that book on "Linix"
>
> Here's something to add to this...
>
> http://www.avertlabs.com/research/blog/?p=95
>
> "What makes this attack interesting, is the fact that it appears that Microsoft’s antivirus
> product added detection three days ago. The only public information on these threats is the
> boiler plate Malicious Software Encyclopedia entries (which show an incorrect discovery date
> of Sep 26, when virus definition files from Sep 23 detect):
>
> a.. Exploit:Win32/Controlppt.W
> b.. Exploit:Win32/Controlppt.X
> There isn’t a public advisory from Microsoft; suggesting the Microsoft’s security team knew
> of this in-the-wild attack but did not make the information public."
>
>

Not that I understand to much of the technical side, but it makes me
wonder where this could lead. Not being able to install any third party
software into 'windows', Firefox etc ? This is when the monopolies
commission should realy get stuck in.

--
Keith (Southend)
http://www.southendweather.net
e-mail: kreh at southendweather dot net

Keith (Southend)

From: "Jim Watt" <_way>

| On Mon, 02 Oct 2006 21:25:53 +0100, "Keith (Southend)"
| <> wrote:
|
>> http://news.bbc.co.uk/1/hi/technology/5399534.stm
>>
>> I think this is a very bad move by Microsoft, maybe the first crack in
>> the empire if they see this one through!
|
| On previous versions Mcafee and Norton cause more problems
| than they cure. Their products have outlived their usefulness.
|
>> Now where's that book on "Linix"
|
| Look under dyslexia
|

Not totally true. The problems lie on the retail versions of their respective products not
on their corporate/enterprise versions.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

David H. Lipman

On Mon, 02 Oct 2006 22:39:32 GMT, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>Not totally true. The problems lie on the retail versions of their respective products not
>on their corporate/enterprise versions.

Possibly, but the small business's here tend to buy the retail
product, or the machines come with it preloaded; particularly
in the case of Norton who won't supply an English language version
because they have decided we are part of Spain although we think
differently.

AVG is currently my product of choice and deleted Norton from
the new sony laptop bought recently.

I turned down the offer on McAfee shares when they had their
IPO as it looked likely that MS would bundle a product, so
perhaps am not infallible

--
Jim Watt
http://www.gibnet.com

Jim Watt

On Mon, 02 Oct 2006 23:10:07 +0100, "Keith (Southend)"
<> wrote:

>David H. Lipman wrote:
>> From: "Keith (Southend)" <>
>>
>> | http://news.bbc.co.uk/1/hi/technology/5399534.stm
>> |
>> | I think this is a very bad move by Microsoft, maybe the first crack in
>> | the empire if they see this one through!
>> |
>> | Now where's that book on "Linix"
>>
>> Here's something to add to this...
>>
>> http://www.avertlabs.com/research/blog/?p=95
>>
>> "What makes this attack interesting, is the fact that it appears that Microsoft’s antivirus
>> product added detection three days ago. The only public information on these threats is the
>> boiler plate Malicious Software Encyclopedia entries (which show an incorrect discovery date
>> of Sep 26, when virus definition files from Sep 23 detect):
>>
>> a.. Exploit:Win32/Controlppt.W
>> b.. Exploit:Win32/Controlppt.X
>> There isn’t a public advisory from Microsoft; suggesting the Microsoft’s security team knew
>> of this in-the-wild attack but did not make the information public."
>>
>>
>
>Not that I understand to much of the technical side, but it makes me
>wonder where this could lead. Not being able to install any third party
>software into 'windows', Firefox etc ? This is when the monopolies
>commission should realy get stuck in.

AV products need to be very tightly integrated into the operating
system, which is why they are a real pain in the arse when they
missfunction.
--
Jim Watt
http://www.gibnet.com

Jim Watt

From: "Jim Watt" <_way>


|
| Possibly, but the small business's here tend to buy the retail
| product, or the machines come with it preloaded; particularly
| in the case of Norton who won't supply an English language version
| because they have decided we are part of Spain although we think
| differently.
|
| AVG is currently my product of choice and deleted Norton from
| the new sony laptop bought recently.
|
| I turned down the offer on McAfee shares when they had their
| IPO as it looked likely that MS would bundle a product, so
| perhaps am not infallible
|

AVG isn't nearly as good as Avira AntiVir.
For example, Avira had signatures for the VMFill-Exploit one week earlier than AVG.


The differences between the McAfee retail and corp/enterprise AV version are like night and
day. Except for using the same Signatures and Engine, the Kernels are completely different.
If their implementation of the Engine is different in that the Enterprise version will
provide the Command Line Scanner while the retail only uses a GUI. The Retail version
forces you to register the product and ties the scanner tightly to Internet Explorer and
doesn't use NT Services to load. The Enterprise versions has NO dependencies on IE, does
not require registration and uses NT services to load. It has been a problem where the
retail version neds an administrative account to download and install signatures. Because
the Enterprise version uses a NT Service one can easily apply an administrative account to
perform the update. There are miore differences but those are the most natable. Those
differences noted in the retail version are much of the cause of problems people "bitch"
about.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

David H. Lipman