Gadget Malware?
April 6, 2007
While security features in Vista make it harder for malware coders to develop worms that target operating system vulnerabilities, Symantec is betting that malware coders will turn their attention to other things, like Gadgets. In a recent report, Symantec commented that “worms that target core operating system vulnerabilities were largely responsible for the majority of high-profile outbreaks in the early part of this century.”
The guys from Symantec seem to think that worms will continue to thrive, with just their method of propagation changing. Symantec also warns that it “does not believe that Windows Vista security improvements will stifle other classes of malicious code”. So where will the main threats come from then?
First, Symantec says that we’ll see more threats to the Web Application Layer, where 78% of new security vulnerabilities reside today.
“Windows Vista provides no enhanced security in this space, as the majority of vulnerabilities today are seen within PHP, Python, Perl, ASP, and other languages. In addition, new Web 2.0 technologies such as AJAX provide an entirely new layer on which tomorrow’s threats will propagate,” states the report.
Most interestingly, however, the Symantec believes that malware coders will use Windows sidebar and gadgets propagate of a new class of malware.
They say that “while gadgets do not automatically execute, Symantec researchers anticipate that they will be quickly adopted by malicious code writers as a novel way to convince users to download and execute arbitrary code.”
“Although these gadgets are bound by the same restrictions as other applications, the fact that they are automatically authorized to communicate via the Web makes them an effective means to introduce arbitrary content, and also to extract sensitive, confidential information from the host.”
Add to a social site or email to a friend
Sphere: Related Content
Posted in 
Recent Comments