14 DAY TRIAL // W32/Stratio-Zip, W32/Netsky-P and W32/MyDoom-O are the first viruses affecting Windows Vista. Security company Sophos revealed that Microsoft's latest operating system can be compromised by the three worms and Microsoft has confirmed this situation. But while W32/MyDoom-O and W32/Netsky-D dating back from 2004 and W32/Stratio-Zip can execute on Vista, the Redmond Company has denied that the attack vector is a Vista vulnerability and has shifted the blame toward social engineering techniques as user interaction is necessary for a successful infection.
"Microsoft is aware of a report by Sophos that claims variants of existing malware may affect users running Windows Vista," reads a statement from Microsoft. "Based on our initial investigation, Microsoft can confirm that these variants do not take advantage of a security vulnerability, rather they rely on social engineering to infect a user's system."
The Redmond Company pointed at third party products as malware gateways and at the user for the responsibility associated with the execution of malicious code. "If a user clicks through various security warnings and protections, it's of little surprise that malware (even malware from long ago), can still run," said Stephen Toulouse, a senior product manager at Microsoft's security technology unit. "It is not through a flaw that this occurs. This is why we strongly recommend to run antivirus on all versions of Windows, even Windows Vista. The very problem you have noted is one that is not actually unique to Windows."