Sophos incorrectly implies that Vista won't stop current viruses Sophos recently published an article implying that today's malware can easily exploit Vista. "Sophos experts note that on the launch date of Microsoft's Windows Vista operating system, three of the top ten - including Stratio-Zip - are capable of bypassing the operating system's security defences (sic) and infecting users' PCs. The Vista-resistant Sophos incorrectly implies that Vista won’t stop current virusesSophos recently published an article implying that today’s malware can easily exploit Vista.“Sophos experts note that on the launch date of Microsoft’s Windows Vista operating system, three of the top ten – including Stratio-Zip – are capable of bypassing the operating system’s security defences (sic) and infecting users’ PCs. The Vista-resistant malware – W32/Stratio-Zip, W32/Netsky-P and W32/MyDoom-O – comprise 39.7% of all malware currently circulating.”However, if you read further, the article says that Vista’s Windows Mail, the new Windows email client that replaces Outlook Express, stops all the threats by default. Only if you use a non-Microsoft, third party, email client, is the threat allowed to execute on Vista. So by default, in Vista, the threats are prevented from running. Now, while there might be a little news here, it isn’t much. That viruses and worms can spread in Vista is a little newsworthy. But really it isn’t. If I can convince you to run my malicious executable, it’s always game over, regardless of your OS. You can be running Windows, Mac OS X, Linux, and FreeBSD…but if you run my untrusted file meant to cause harm to your system, I can always bypass any defense you have. That’s just the facts of life.The real factoid is that the default software that comes with Vista DID STOP the threats that they ran against it, by default. I find that conclusion much more newsworthy. Related content analysis The 5 types of cyber attack you're most likely to face Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront By Roger Grimes Aug 21, 2017 7 mins Phishing Malware Social Engineering analysis 'Jump boxes' and SAWs improve security, if you set them up right Organizations consistently and reliably using one or both of these approaches have far less risk than those that do not. By Roger Grimes Jul 26, 2017 13 mins Authentication Access Control Data and Information Security analysis Attention, 'red team' hackers: Stay on target You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws By Roger Grimes Dec 08, 2015 4 mins Hacking Data and Information Security Network Security analysis 4 do's and don'ts for safer holiday computing It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily By Roger Grimes Dec 01, 2015 4 mins Phishing Malware Patch Management Software Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe