Vista SideBar and gadgets the new frontier for malware
While security features in Windows Vista will make it harder for malware coders to develop worms that target operating system vulnerabilities, Symantec is tipping that malware coders will turn their attention to other vulnerabilities, like Vista’s new Windows SideBar and gadgets.
“(Worms that target core operating system vulnerabilities were) largely responsible for the majority of high-profile outbreaks in the early part of this century,” says Symantec in a recent report. “We expect that worms will continue to thrive; however, their method of propagation will change. This trend has already been observed since the release of Windows XP SP2 and is expected to continue,”
Symantec believes that Worms will increasingly use email, instant messaging, and the Web for propagation, as well as “leveraging social engineering and other convincing trickery in order to infect their victims”.
Symantec also warns that it ”does not believe that Windows Vista security improvements will stifle other classes of malicious code”.
So where will the main threats come from?
First, Symantec says that we’ll see more threats to the Web Application Layer, where 78% of new security vulnerabilities reside today.
“Windows Vista provides no enhanced security in this space, as the majority of vulnerabilities today are seen within PHP, Python, Perl, ASP, and other languages. In addition, new Web 2.0 technologies such as AJAX provide an entirely new layer on which tomorrow’s threats will propagate,” states the report.
The company also believes that more attackers will target third-party applications that are developed by companied without a Security Development Lifecycle (SDL) in place.
Most interestingly, however, the Symantec believes that malware coders will use Windows sidebar and gadgets propagate of a new class of malware.
Gadgets are a mixture of static HTML and scripting, which are designed to allow the quick and easy development of new plug-ins for the Windows desktop.
“While gadgets do not automatically execute, Symantec researchers anticipate that they will be quickly
adopted by malicious code writers as a novel way to convince users to download and execute arbitrary
code,” states Symantec.
“Although these gadgets are bound by the same restrictions as other applications, the fact that they
are automatically authorized to communicate via the Web makes them an effective means to introduce
arbitrary content, and also to extract sensitive, confidential information from the host.”
So you see, while Vista might offer better security, there are still lots of holes for malicious code writers to exploit, which of course, will keep anti-malware companies like Symantec in business for years to come. Could this be why Symantec published this report? (And yes, my tongue is firmly in my cheek.)
Related Posts:
