Migrating to Windows Vista:
Recognize the Security Risks
A MessageLabs White Paper
Table of Contents
Introduction: A Security Challenge
Key Considerations
Security Priorities
MessageLabs: Providing Effective Protection
Make Migration Easy: Take the Next Step!
Introduction: A Security Challenge
Windows Vista has arrived. To a huge fanfare, Microsoft’s much-anticipated new
operating system was finally launched on January 30th 2007.
Set to replace Windows XP on most PCs, Vista’s developers claim the system is the
most secure platform ever produced. And there’s absolutely no doubt that Microsoft
has invested an enormous amount of time, effort and money in Vista’s security.
Inevitably, though, hackers are lining up to test the new system’s defenses and, if
possible, to collapse it. History shows that they will stop at nothing to probe for
weaknesses and exploit whatever vulnerabilities they can find.
So what does this mean for your organization? With electronic communications
absolutely vital to your operations, exactly what are the messaging and web-related
risks involved in migrating to Microsoft Vista? Above all, can you ensure that you are
comprehensively protected against viruses, trojans, spam, spyware, phishing and
other malware that will try to seize on the slightest chink to disrupt and
damage your business? Remember, malware can bring down networks and steal
confidential information, with serious implications for your business continuity and your
reputation, in addition to the financial cost of cleaning infected systems.
This MessageLabs White Paper looks at the implications of migrating to Vista in terms
of messaging and web security, and summarizes key issues you urgently need to
consider. It also highlights the comprehensive, cost-effective solution that
MessageLabs can provide, a solution that can successfully bypass the problems and
give you complete peace of mind during the migration process.
The information presented in this document is based on our hands-on experience of
providing proven messaging and web security management services, via 11 data
centers on four continents, for over 15,000 clients worldwide with around 1.5 billion
emails processed each week on their behalf.
Key Considerations
No fewer than 90 million new computers are set to be released with Windows Vista as
their primary operating system, with up to three times as many existing laptops
scheduled for migration in the course of 2007.
This process will take place against a general IT background where concerns about
messaging and web security have never been higher, as malware continues to wreak
havoc on corporate networks worldwide. Indeed, threats are growing more targeted
and sophisticated, combining with browser vulnerabilities, for instance, to make
malware harder to detect and more difficult to remove once a network has been
infected.
When migrating to Microsoft Vista, you should give serious consideration to a wide
range of top-level issues, all of which have important implications for your
organization’s messaging and web security:
- Are you sure your current security solution will be compatible with Vista?
- Will Vista’s new features interfere with your current solution?
- How much network and/or company downtime will be necessary during migration?
- Will you receive security updates, releases and signatures for Vista in a timely manner?
- Will you have enough bandwidth to support updates and patches from Microsoft and other vendors?
- Will your current security solution be able to deliver functions such as host-based intrusion prevention and tamper protection?
- Will migration lead to operating system dependence that limits your choice of software and hardware?
As well as these broad questions, there are a number of more specific potential
security problems to consider, including:
- Possible browser flaws that could make it feasible for attackers to inject rogue software into Vista-based computers
- Bugs in the software code that might result in web users becoming infected with malware simply as a result of visiting malicious websites
- Issues relating to operational plug-ins and laptop battery lifespan
- The possibility that Vista could crash when faced with attacks utilizing infected files to deliver their payloads
Failure to take effective steps to address such issues and maintain the integrity of your
network could have extremely serious ramifications for your organization.
Security Priorities
Summarized below are some of the key security concerns that it is imperative to take
into account when migrating to Vista:
- Kernel Security
The kernel of an operating system is critical to its success. All other programs depend
on it, so a glitch in the kernel can make them crash or perform unexpectedly. However,
Vista’s PatchGuard is a contentious kernel protection technology, with several third-
party security vendors claiming it prevents them from updating their security solution
software. Although many vendors will have a chance to make submissions to the final
version of Microsoft’s APIs (Application Program Interfaces) when they become
available in Vista’s Service Pack 1, they are worried that their software and hardware
may face difficulties until the pack is released in mid-2007 (see next subsection).
In the meantime, vendors may try kernel patching. The aim of such software may be
laudable, but it could cause reliability and performance problems. The greatest risk,
though, is from virus and spyware writers who produce and disseminate kernel
patches that actually contain hidden malware. While Vista includes many brand-new
security features, kernel patch protection isn’t one of them.
- Delayed Service Packs
Serious risks could result from the delayed release of Vista Service Packs and product
features. Leaving your system unprotected, such delays could lead to intrusions and
application modifications by viruses, worms, trojans, spyware and adware, for
instance. Depending on how your system accepts and distributes product releases,
you may also need to consider bandwidth implications.
Furthermore, with third-party security vendors and Microsoft releasing new products
and updates at the same time, hackers can be expected to send out “releases” that
actually contain hidden malware. You should be on your guard against anything you
receive from any source that you don’t trust implicitly.
- Rootkit Attacks
Rootkits are a type of malware that costs global business millions of dollars each year.
They often try to gain access to an operating system’s kernel and can actually hide
themselves from the file system and from anti-malware tools, and ultimately from the
PC user’s view. This is crucial where Vista is concerned, because hackers specifically
search for vulnerabilities in new operating systems that will open doors to the
kernel. Ensuring effective, uninterrupted defense against rootkit attacks is therefore a
priority.
- Remote Command Attacks
Hackers may use remote command attacks to access and elevate privileges, for
example, or even to target Vista's kernel, which may cause a system to shut down
completely. The key weapon used by hackers to unleash this threat is malware hidden
in an email or a web page, so your organization can be vulnerable as a result of your
employees surfing the web, downloading email attachments and disabling pop-up
blockers, unless adequate security measures are in place.
- Undocumented IP Protocols
An internet protocol (IP) suite is basically a set of layers, with each layer solving a set
of problems involving the transmission of data. Upper layers rely on lower layers to
translate data into forms that can eventually be transmitted. In Vista, undocumented
protocols with no known purpose in the product and problems with some new protocols
deep within the operating system represent potential areas of vulnerability. Specifically,
the use of Vista’s Internet Protocol Version 6, standard in Windows to support new
file-sharing applications, could allow firewall tunneling and other outside attacks because