Vista Security: Gadgets Could be New Avenue of Attack
At least one security vendor is warning that Vista’s widgets (small utility programs like desktop applications form Google and Yahoo) could become a popular method of attack. The problem, is that gadgets are applications with full access to process resources. They are not like Java applets that run in a sandbox. This is bad news according to some.
One problem is the potential for one widget to change the behavior of another. Ulrika Hedquist writing in PC Advisor quotes Eric Chien of Symantec
"And because all gadgets support JavaScript, cross-platform infections are possible," he adds. "A Yahoo gadget could, potentially, infect a Vista gadget, for example."
Although it should be relatively easy to spot script code that directly modifies another widget, malware writers are likely to use modifying code to obscure the function their code. Again, from the PC Advisor article:
On the other hand, because most gadgets are written in script languages, it is also quite easy to add to the existing code and modify the gadget. Some frameworks do prevent gadgets from being modified, but gadgets are easily modified in Vista, [Chen] says.
Gadgets written using compiled languages will require anti-malware tools for signature-based or behavior-based detection. Fortunately, Microsoft and security vendors have worked out their differences about Vista kernel access and there will be plenty of third-party options when the consumer version of Vista ships next week. See Gregg Kezeir’s Microsoft Lines Up Vista Security Partners in Dr. Dobbs Portal for more on that.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
