Windows Vista = Malware Paradise

Windows Vista will become a garden of Eden for malware. Malicious code will thrive in the context of Vista, and Microsoft's latest operating system will be the future stage of the onslaught. Mark Russinovich, technical fellow in Microsoft's Platform and Services Division has painted a different picture of the operating system security measures, forecasting that the threat environment will evolve and adapt to Vista.

All that Microsoft has done with Vista is to raise a standard of security. As malicious code and techniques will continue to evolve, Vista's security barriers will become obsolete and expire. This perspective, coming from a senior Microsoft official only manages to reduce the expectations of Vista's security performances. Present at the CanSecWest 2007 security conference in Vancouver, Russinovich stated yet again that the User Account Control implemented in Vista is not a security feature.

"It's a best effort to raise the bar and stop malware from making changes to the operating system but it's not a security boundary. There is no guarantee that malware can't hijack the elevation process or compromise an elevated application," Russinovich explained.

UAC in Vista is a limitation that restricts processes to run with only the standard user privileges. With the UAC, Microsoft has given an active role to the user, that has to explicitly consent to each elevation of privilege. By no means is the UAC a security boundary, although Microsoft is considering integrating installations separated according to user and elevations isolated from the rest of the operating system.

Russinovich exemplified the dangers presented by social engineering schemes in tricking users to allow for elevation of privileges. Still, he predicted that attackers will ultimately develop techniques that will directly allow malicious code to perform elevation of privileges and completely compromise a system.