Wednesday, February 07, 2007

Meet the new OS, same as the old OS: AV, Vista, and Microsoft MS-DOS 6

News that Microsoft's own anti-virus [AV] product does not do a good job of protecting the new Microsoft Vista operating system will come as no surprise to the infosec "old guard" who remember Microsoft's first foray into anti-virus back with MS-DOS 6.0 in 1993. A detailed deconstruction of this product's shortcomings was written by one of the early AV pioneers, Y. Radai at the Hebrew University of Jerusalem. He graciously allowed me to reprint it in my PC and LAN security book and a copy is archived here in an Adobe PDF.

Unless you are a real AV history buff you may not want to read the whole thing (and if you are a real AV history buff you've read it already). But everyone should take note of the final sentences where Radai summarized the effects of Microsoft's decision to make its own AV and bundle it with the OS:
"True, many people who have never before installed AV software will now do so, and this seems to be a benefit. However, they will be under the false impression that they are well-protected."
Enough said? After all, few things are more worrying to an information security professional than someone having a false sense of security. One of them is a lot of people having a false sense of security.

And who are these folks who just gave Microsoft Live OneCare a failing grade? Virus Bulletin, which has a sterling reputation for objective AV testing. If VB says a product does not do a good job, you can rest assured it does not (of course, depending on the product you are using, the assured rest may not come easily).
