Vista (is) still not so immune

San Francisco, May 16 2008: Leading security software vendor, PC Tools, today released additional research to support its contention that Windows Vista is still a long way from immunity to online threats. PC Tools also commented on points raised following the release of research results last week and provided new research including a breakdown of the types of threats detected and blocked within the ThreatFire community.

“PC Tools maintain that Vista is not immune from online threats. Further research and analysis has confirmed our contention that additional third-party protection is absolutely necessary for all Windows Vista users” said Simon Clausen, Chief Executive Officer, PC Tools.

Further analysis of the latest raw data¹ confirms that approximately 121,000 pieces of malware were detected on approximately 58,000 unique Vista machines in the ThreatFire community², and that these Vista machines had at least one piece of malware actively running on their system.

Additional investigation of the data also identifies the types of malware detected on Vista based machines -17% of all threats found on Vista machines involved in the research were Trojans, while worms accounted for 5%, spyware for 3% and viruses for 2%.

“Online threats such as Trojans, worms and spyware have the potential to seriously impact consumer privacy and security online. These threats can cause substantial damage by acting as backdoors for hackers to access personal and confidential information from the PC or for the PC to become integrated into a botnet and be used for malicious purposes” said Clausen.

Clausen also said that the industry has offered a number of interpretations of PC Tools’ research.

“Firstly it is important to highlight that all systems used in the research pool were at the very least running PC Tool’s ThreatFire and that because the technology is behavioral-based, the data refers to threats that actually executed and triggered our behavioral detection on the client machine”, said Clausen.

Furthermore, in response to alternative research from Microsoft’s Malicious Software Removal Tool³, PC Tools highlights that the MSRT is not a comprehensive anti-virus scanner, but a malware removal tool for a limited range of “specific, prevalent malicious software”⁴.

“The Microsoft MSRT checks for a significantly smaller, specific range of malware than ThreatFire and other third-party products. It is therefore not surprising that the percentage of infections detected by the Microsoft MSRT is significantly smaller than what ThreatFire has detected”, said Clausen.

“It is also equally important to note that we regard the implementation of Microsoft’s UAC (User Account Control) ineffective in providing protection against malware for two reasons.

“Firstly, UAC alerts are shown too frequently for non-malware and therefore users are either simply ignoring the alerts and permitting all actions or turning the UAC off. One might argue that showing recurrent alerts for routine actions trains users to ignore the alert information and unknowingly letting threats penetrate the system.

“Secondly, because the UAC is limited in the number of activities it monitors, malware can also penetrate the operating system by evading detection”, said Clausen.

PC Tools recommend that consumers seek adequate protection when using all Windows operating systems.

NOTE TO EDITOR

There are a number of executive spokespeople available for comment in the United States, Australia and United Kingdom:

Simon Clausen, Chief Executive Officer, PC Tools
Michael Greene, Vice President Product Strategy, PC Tools
Mike Kronenberg, Chief Technology Officer, PC Tools North America
Please liaise with media contacts below.

ABOUT THREATFIRE

Recent winner of PC Magazine’s prestigious Editor’s Choice Award, ThreatFire uses advanced patent pending technology to detect signs of malicious behavior commonly used by malware threats. ThreatFire is unlike traditional anti-virus products that rely on signature technology and require updating every time a new threat occurs. ThreatFire’s ActiveDefence Technology is able to identify and paralyze threats that are too new or too sophisticated to be recognized by traditional security software. ThreatFire is designed to only alert end users of truly malicious behavior.

ABOUT PC TOOLS

PC Tools is a global software leader with a cache of security and utility products, including the multi award-winning Spyware Doctor®. PC Tools is an industry leader in real-time anti-spyware and has a number of key patents pending.

The PC Tools Malware Research Center monitors trends and emerging spyware issues and provides security solutions for the consumer and enterprise marketplace. The company is headquartered in Sydney, with offices in San Francisco, London, Shannon (Ireland), Melbourne, Kiev, and Boulder. PC Tools has a global network of distributors, resellers, and retailers.

Media Contacts

Lauren Young
Public Relations Manager
PC Tools Software E: pr@pctools.com
Phone: +61 (0) 2 8922 6394
Mobile: +61 410 541 562

Magida Ezzat
Communications Manager
PC Tools Software E: pr@pctools.com
Phone: +61 (0) 3 9691 3576
Mobile:+ 61 411 156 152

¹ Results collected over a six month period, from November 2007 – May 2008.
² Contact PR@pctools.com.
³ Malicious Software Removal Tool.
⁴ http://www.microsoft.com/security/malwareremove/default.mspx.