The row between PC Tools and Microsoft over Windows Vista security escalated today with PC Tools attacking the effectiveness of Vista’s User Access Control (UAC) tool.
Earlier this week, Microsoft attacked results of a
PC Tools' study which found Vista allowed 639 threats per thousand PCs compared with 86 for Windows 2000.
In a blog posting, director of Windows product management security at Microsoft, Austin Wilson, said
Microsoft rejected the claims and vowed that Windows Vista was significantly less susceptible to malware than older operating systems.
However, in a statement released today, PC Tools said the company maintains its comments last week that Vista is not immune from online threats.
According to PC Tools, the latest raw data confirms that approximately 121,000 pieces of malware were detected on approximately 58,000 unique Vista machines in the ThreatFire community.
These Vista machines had at least one piece of malware actively running on their system.
Additional investigations found that 17 percent of all threats were Trojans, while worms accounted for five percent, spyware for three percent and viruses for two percent.
“Online threats such as Trojans, worms and spyware have the potential to seriously impact consumer privacy and security online.
“These threats can cause substantial damage by acting as backdoors for hackers to access personal and confidential information,” said Simon Clausen, CEO of PC Tools.
Meanwhile, PC Tools also revealed that Microsoft’s Malicious Software Removal Tool in Vista was not a comprehensive anti-virus scanner, but a malware removal tool with a limited range in response.
“The Microsoft MSRT checks for a significantly smaller, specific range of malware than other third-party products. It is therefore not surprising that the percentage of infections detected by the Microsoft MSRT is significantly smaller than what ThreatFire has detected," Clausen said.
It is also equally important to note that we regard the implementation of Microsoft’s UAC (User Account Control) ineffective in providing protection against malware for two reasons, said Clausen.
“Firstly, UAC alerts are shown too frequently for non-malware and therefore users are either simply ignoring the alerts and permitting all actions or turning the UAC off. One might argue that showing recurrent alerts for routine actions trains users to ignore the alert information and unknowingly letting threats penetrate the system.
“Secondly, because the UAC is limited in the number of activities it monitors, malware can also penetrate the operating system by evading detection,” Clausen said.