With no problems

Sep 17, 2007 15:58 GMT

Microsoft has applauded Windows Vista as the most secure Windows operating system on the market. The Redmond company even went as far as to say that Vista far outweighs rival platforms in terms of security, after Jeffery R. Jones, Security Strategy Director in Microsoft's Trustworthy Computing group, played the counting game with product vulnerabilities across Windows, Linux and Mac OS X distributions, and ended up being quoted even in the Windows Vista Service Pack 1 Beta White Paper. And yet, if we consider Microsoft's solutions, such as the combination of Windows Vista and the Windows Live OneCare 1.6 antivirus, users could easily be infected by Stoned.Angelina, a 13-year-old boot virus, and not even know it.

Stoned.Angelina made headlines this past week after German computer maker Medion managed to ship Vista-based notebooks infected with the boot virus. Andreas Marx from AV-Test revealed that Stoned.Angelina has no problems compromising Windows Vista computers, and that the operating system does not react to the infection in any way.

"Medion shipped some notebooks together with a boot virus from 1994 (!)... and it looks like quite some AV tools had problems with the detection and/or removal of this critter. For example, the AV software installed on the system reported this virus on every reboot, but was unable to remove it. To my surprise, Stoned.Angelina is working very well with Windows Vista (x86) - the system gets infected and it is still bootable. Windows Vista won't display any message or other kind of warning regarding the boot sector change (unlike Windows 98, for example.)", Marx commented.

The Medion notebooks included BullGuard Internet Security 7.0, but the antivirus was only capable of detecting the boot virus. When it came to actually removing the threat, BullGuard was useless. Still, Marx tested a range of antivirus solutions on Windows XP SP2 and Windows Vista notebooks infected with Stoned.Angelina, and found that OneCare 1.6 from Microsoft performed the worst of all.

"Microsoft OneCare 1.6 -- which is completely unable to scan for boot viruses on disk (tested on Windows XP and Vista), so the user wouldn't get a notification that his system is infected. As nothing is found, nothing can be removed, of course," Marx stated.

By contrast, G Data (AVK) Total Care 2008, Bitdefender Internet Security 2008 (v10) and Kaspersky Internet Security 7.0 all detected and successfully removed the threat. Symantec Norton 360 and Panda Internet Security 2008 (v12) both identified the boot virus and cleaned the infection, but also killed the operating system in the process by removing vital files from it. BullGuard Internet Security 7.0, McAfee Internet Security 2007 and Avira AntiVir Personal Premium (v7) found the virus and reported it, but failed to handle it accordingly.