Got A Virus? It's Your Fault Says Microsoft

[Frick]

My work uses the newest version of Outlook and, with that in mind, I can honestly say that 99% of viruses are because Outlook has the security policies of a wet paper bag.

could you ellaborate on this mayhap?

 

[Easy Rhino]

Yes, that's right the maker of notoriously vulnerable software

sorry but i stopped reading after this line. this is supposed to be news, not opinion. if this were posted in any other section on this site it would be closed due to trolling.

 

[popswala]

i bet most ppl that get viruses are young ppl who click away and have to explorer the whole dang internet and then the older ppl that don't what something is and just clicks on it. (o look, a monkey wearing sunglasses wants my credit card number. I don't see why not) lol.

I haven't used windows firewall since xp (off and uninstalled) since it would restrict my bandwidth when I used emule. Nowadays I just run aviara, malwarebytes, spybot every now and then. Haven't had a problem in yrs. I had only one virus that would reset my pc during post/window logon. Only fix was being fast enough to get into bios and enter safe mode to format. Been clean ever since.

Isn't there something like an ip tracker or something that you can use to block and trace (to shut them down) those annoying spam emails? A lot of people get those stupid lottery or a relative past away in some weird country and left you their whole estate. I would love to stop all that annoying spam. I tried replying back a few times telling them to stop but it just comes back as undeliverable.

 

[Wile E]

Not so: just because back then it wasn't as secure as it is today is irrelevant. It's the OS maker's job to make it so that worms such as Blaster aren't possible to begin with.

It's one thing to get infected when you click on something you shouldn't but it's quite another to get infected by simply connecting to the Internet (not opening pages or anything): is this the user's fault? Only if you count installing the OS and connecting to the Internet: then, it's the user's fault.

Just because today's OSes are more secure doesn't mean they don't get affected, and this article proves that.

Ummmm, it's 100% irrelevant, since the article is about the status of these OSes in the first and second quarter of 2011, not 2003. It proves how far OS security has come since then, and also shows that most infections are presently user error.

That's like saying all Ford cars are now unsafe because Pintos exploded into fireballs in wrecks in the 70's.

 

[mastrdrver]

I need to put this link in my sig. Click me!

 

[Fx]

long live viruses!

you cant fix stupid...

 

[HTC]

If you left your damn machine unpatched, then hell yes, it's your own f*cking fault!

You're missing the point. The fact there was something that enabled the worm to work as it was designed to (before the patch) is the problem.
Why couldn't the OS come with whatever it was the patch fixed to begin with? If so, Blaster wouldn't exist since there was no whatever-it-was to be exploited.

Ummmm, it's 100% irrelevant, since the article is about the status of these OSes in the first and second quarter of 2011, not 2003. It proves how far OS security has come since then, and also shows that most infections are presently user error.

That's like saying all Ford cars are now unsafe because Pintos exploded into fireballs in wrecks in the 70's.

Much more secure, sure: with this i can agree.

Still, and to use an analogy:

I see loads of topics where people mention the hate of Seagate HDDs because this or that happened in the past. Why don't you explain to them "That was in the past: it's much safer now!" and see what their reaction is.

It's ballsy to claim most viruses are user fault when you're the maker of the software which allows for so much hacks: poorly coded? Dunno, really.

 

[m4gicfour]

This is precisely why I install Avast or MSE, Firefox with ABP and depending on the user a few other choice plug-ins.

No matter how many times you tell people about safe browsing practices, there are always those who come back saying "I didn't install that!" or have some spoof AV software telling them that their hard drive is mechanically damaged by a virus and it can be fixed by buying some software

Nobody has ever complained about free antivirus software, or about having less ads on their webpages. ABP blocks 90% of what users click on and get infected, and it increases the chances of the person using FF instead of dropping right back into using IE6.0 with 80000 toolbars

 

[Frick]

It's ballsy to claim most viruses are user fault when you're the maker of the software which allows for so much hacks: poorly coded? Dunno, really.

The every single piece of code ever is poorly written. Which it might be, I don't know. Or is it the fault of the creators of the code that are to blame? Is it a flash plugin's fault or the creator of Bloons TD fault that Flash have security issues?

 

[HTC]

The every single piece of code ever is poorly written. Which it might be, I don't know. Or is it the fault of the creators of the code that are to blame? Is it a flash plugin's fault or the creator of Bloons TD fault that Flash have security issues?

Maybe, dunno.

Why don't they create a team who's only job is to try and hack their OS? If they find the coding problems before the product is shipped to customers, it would help them, no?

Think of it as prevention rather then reaction: why wait for hackers and what not to find exploits and risk major problems if you can pay someone to do it and fix the problem before it reaches the end user?

 

[[H]@RD5TUFF]

While I agree in principal that the vast majority of infections are a result of the end user, how those infections are exploited is a result of security holes ion the OS.

 

[theJesus]

Why don't they create a team who's only job is to try and hack their OS? If they find the coding problems before the product is shipped to customers, it would help them, no?

Think of it as prevention rather then reaction: why wait for hackers and what not to find exploits and risk major problems if you can pay someone to do it and fix the problem before it reaches the end user?

Companies already hire consultants for that sort of stuff. It's called ethical hacking, penetration testing, etc.

 

[HTC]

Companies already hire consultants for that sort of stuff. It's called ethical hacking, penetration testing, etc.

Really? Was unaware of this. In that case, they should hire more "consultants".

 

[Frick]

Really? Was unaware of this. In that case, they should hire more "consultants".

I think it is more a case of "hackers gonna hack". I'd say it's damn near impossible to predict how code will be exploited before hand no matter how well it's written. And new technologies/understandings can be used to exploit older code, and how can you know what will happen a few years down the road?

I more secure system also means more restrictions.

 

[FreedomEclipse]

I think it is more a case of "hackers gonna hack". I'd say it's damn near impossible to predict how code will be exploited before hand no matter how well it's written. And new technologies/understandings can be used to exploit older code, and how can you know what will happen a few years down the road?

I more secure system also means more restrictions.

youre forgetting that Most AV software has a 'collective' like borg feature. If a computer gets attacked by a virus while it has anti-virus or Firewall running. Most security software will submit a report of the attack to support and support will come out with a new update that prevents the same attack from happening with other of the computers running the same security software providing they regularly update the databases.

Hackers gonna hack - thats correct. but depending how good they are, they are most likely only possible to use that virus or exploit a number of times before it gets patched over.

 

[arnoo1]

basicly it's your own fault when you have virussen, don't go unsafe site's, every user should no what he/she is doing on that thing,

i don't have had a virus in like 2 years

 

[dlpatague]

I agree with MS too. I can't count how many times I've had to fix my friend's comps because they got some AD malware or something on there. I even make sure to install AV and other programs like peerguardian on their comps yet they still get crap on their comps. I never should have shown them bittorrent either because they download virused stuff all the time. I never get viruses or malware. Ugh...I guess in the long run I make money off them because I charge them everytime I have to fix something for them. ROFL!

 

[twilyth]

Hackers gonna hack - thats correct. but depending how good they are, they are most likely only possible to use that virus or exploit a number of times before it gets patched over.

That's part of it, but the people who have actual skills are few and far between. Virtually every time the press calls someone a "hacker", doing so elevates them far above the station they actually deserve.

But like the old joke about 2 guys running from a bear, the average hacker doesn't have to be better than every other hacker, he just has to be better than the average user - and that ain't askin' a whole lot.

 

[[H]@RD5TUFF]

That's part of it, but the people who have actual skills are few and far between. Virtually every time the press calls someone a "hacker", doing so elevates them far above the station they actually deserve.

But like the old joke about 2 guys running from a bear, the average hacker doesn't have to be better than every other hacker, he just has to be better than the average user - and that ain't askin' a whole lot.

exactly

The average user assumes everything is secure, which is the worst kind of security.

 

[treehouse]

Funny.. I got a trojan on mine a month back, only after I installed MSE. Reason being, MSE turned off Defender which was by default stopping it, then MSE by default opened up the hole for it to get on.

So yes, it was my fault for trying out M$ branded AV software.

Epic M$, real epic.

this does not make any sense, windows defender would not have been 'stopping' it, it only permanently blocks or quarantines detections so even uninstalling windows defender would not have allowed that particular infection through, plus windows defender signatures are included MSE..

 

[Winston_008]

I've never seen any proof of this, so it's likely to be an urban myth, if a plausible one..

I agree well have to take it to mythbusters.

Personally. Ive had win 7 installed on my new pc over a month, with no extra security other than what windows offers, and have had 0 infections. But hey how would i know i have no a/v to check!

 

[The-Don]

Been on the internet since 96'. Never gotten a virus either. Although I agree that there are certain security vulnerabilities within the OS and other software, 99.999% of the problem is users.

As for malware, every person whose computer I have to work on regularly has one thing in common. They all use Internet Explorer. Those who use FF or Opera don't seem to get as many problems. Can you run IE safely? Certainly, but with default settings, the average user's PC will be full of crap in a few hours of running IE.

 

[micropage7]

yeah i agree, its from user fault.
from email, attachment, removable things
so it aint a surprise if said like that, and one more no matter what the largest os will be a good target to attack

 

[Derek12]

Been on the internet since 96'. Never gotten a virus either. Although I agree that there are certain security vulnerabilities within the OS and other software, 99.999% of the problem is users.

As for malware, every person whose computer I have to work on regularly has one thing in common. They all use Internet Explorer. Those who use FF or Opera don't seem to get as many problems. Can you run IE safely? Certainly, but with default settings, the average user's PC will be full of crap in a few hours of running IE.

ActiveX was evil in the old days of IE 4/5

 

[Ahhzz]

Question: was it the user's fault when simply connecting to the Internet gave you a 50% chance of getting infected by the Blaster worm within 12 minutes on Internet connection back in 2003?

Sasser...