Users who run Windows are well accustomed to malware/spyware et al that can make running a Windows machine a constant battle to prevent, an ulcer inducing experience when installing downloaded software and a headache when this aforementioned “ware” takes hold. These people will no doubt be keen to get as many security updates as possible and for me I would liken the experience as being very similar to the story of Sisyphus from Greek mythology. For every one you remove, the whole process repeats itself shortly after.
Without going into an argument of “Well Windows is the most popular platform, its bound to be targeted more” – which I would suggest is of little comfort to any victims of malware et al, lets look at the latest attack which although has had a warning issued, you just know there will be some who will still fall victim.
Its being reported on the Windows blog that there is an exploit/trojan that users need to be aware of:
This imposter is known in the technical world of antimalware combat as “Win32/FakePAV”. FakePAV is a rogue that displays messages that imitate Microsoft Security Essentials threat reports in order to entice the user into downloading and paying for a rogue security scanner.
Source: Windows Blog
Whilst I would not want any Windows user to fall foul of the latest malware scam, it does serve as a reminder about how lucky Linux users are. I can’t remember anytime when I’ve been bugged by a pop-up, had packages close on me as a result of a malicious download or in fact had any worries about security. Now that doesn’t mean a Linux user can be flippant in the face of possible attack but what I suggest is that locking down my system does not invade my thoughts to the point that it did when I ran Windows at home. Is Linux inherently more secure than Windows regardless of popularity? I would say it is, that’s my opinion, but I would respond to any suggestion that Linux is less likely to come under attack because of the market penetration by saying that I doubt any victim of malware on a Windows system would take comfort from that when they find themselves a victim.
Windows Blog makes another points which I think need addressing:
This malware can potentially cause consumers and small business owners harm.
Can potentially? It’s yet another piece of “ware” that Windows users need to look out for, yet another thought of suspicion when a legitimate security update is offered, it’s yet another concern for people to keep in mind when they are using their PC and trying to be productive. I’d say regardless of if a user gets it or not, this WILL cause harm, even if it’s just more paranoia and distrust that a Windows user has when being online.
As I Linux user as I say I don’t have concerns such as this, so let me quote users from the Windows Blog who have taken the time to make comment:
….mine has been infected by this couple of times, have to remove it manually.. so far, seems it is spread via Live Messenger, can you confirm this?
Have to say that I was a victim of this – it royally screws up the system, not allowing any program to launch.
which is kindly answered with
Live Messenger can certainly be used to spread it if you’re not careful with clicking on links and downloading files – just like other trojans and malware. It’s just another way into your system.
So after a release of this security alert on October 25, you already have users reporting that they’ve already been a victim and in one case allegedly a repeat victim. I’m sure they are still happy though, it’s because Windows is used by more people, that’s why they suffer. In a statement which I find rather depressing, another comment states “It’s just another way into your system” a rather sad indictment of the state of Windows security?
You can read all the comments on the Windows Blog and I’d suggest if you are a Windows users, you read the warning and take notice.
You can also contact me on Skype: tim.openbytes
If you are new to this blog (or have not yet read it) please take time to view the OpenBytes statement, here.