locked
Open Letter To Microsoft Product Developers RRS feed

  • Question

  • Hello To Bill Gates and everyone at Microsoft...

    Viruses and trojans have being invading my privacy on the internet.

    You know why?

    1. WINDOWS FIREWALL: When I first started using Windows, I thought that Windows Firewall was leakproof. WRONG. Many leaktests proved that Windows Firewall was not secure at all.
    2. WINDOWS DEFENDER: I installed Windows Defender because my computer was infected with spyware. Didn't detect ANYTHING at all. All it did was crash my system.
    3. WINDOWS SECURITY HOLES: Another reason why my computer has every virus and trojan under the sun, is Windows Security Holes. Yep, you got that right. Security Holes. Any kid under 2 years of age can open some Microsoft product and there you go. Hey, I use Comodo Firewall Pro now. Every time I use Powerpoint while browsing the internet with Firefox at the same time, Comodo Firewall Pro says "Powerpnt.exe is using Firefox.exe to connect to the internet". Same thing with EXPLORER.EXE. That's something that Macrosoft should work on.
    4. BROWSERS WITH NO PROTECTION: Such as IE. For all new computer users using IE to view this right now, this next part will have you saying "Really?". Most Spyware And Viruses Target Internet Explorer.
    And to make things worst, they put BUGS in their applications.
    So get on that bus to Tux City and get a free copy of Linux today!

    And while you're at it, find the Comodo Dragon and ask him for a free copy of Comodo Firewall Pro.

    Safe Surfing!

    P.S  PLEASE stop with this secret automatic updates madness!! As if my machine doesn't have enough bugs in it!
    Saturday, December 1, 2007 5:10 AM

Answers

  • Hi,

    Thank you for your post. I fully understand the inconvenience the malware has brought to you and that the current situation can be frustrating.

    Please understand that security is relative. Nothing can guarantee the security of our computer 100 percent. However, we can continue to improve our computer's security if we keep our software up to date and maintain a current antivirus software subscription. That’s why we need to perform Windows Update and Virus Definition update from antivirus software manufacturers.

    Actually, in Windows Vista, all components have been designed and thoroughly reviewed for security risks and mitigation. Microsoft assembled a Secure Windows Initiative Attack Team (SWIAT), which spent considerable time evaluating threat models, attack surfaces, and risk mitigation factors for Windows Vista. The team also checked Windows Vista for vulnerabilities that had been discovered in Windows XP, patching both operating systems at the same time when needed.

    The development team used source code analysis tools throughout the development process, in order to find the types of classes of errors that might evade a typical compiler. They annotated all functions containing buffers. Additionally, they fuzz tested (a process of injecting random input data) any component that received un-trusted input. As a side note, many of the test tools that were internally developed to aid with the SDL process (such as FxCop) have now been made available to the public.

    The role of SDL in the development of Windows Vista is clearly making it a more secure operating system, and beta testing thus far has shown it to be significantly more robust than previous operating systems during beta testing. When your applications interact with Vista, they interact with the most secure version of Windows that Microsoft has ever built.

    The following are some security improvement features in Windows Vista:

    ·         Provides a fundamentally more secure IT environment

    Windows Vista is a more secure operating system to its core. This begins with Service Hardening for the prevention of abnormal activity or unauthorized access to parts of the operating system. Service Hardening restricts critical Windows services from making unauthorized changes in the file system, registry, network, or other resources that could be used to allow malware to install itself or to attack other computers. An enhanced update and patch process delivered through Windows Server Update Services and restart manager helps to install updates and patches more efficiently with fewer reboots.

    ·         Guards data and information on all computers

    Windows Vista provides a new level of encryption technology to protect critical data from theft or loss of devices through BitLocker Drive Encryption. By encrypting the entire Windows system volume, data is better protected, which prevents unauthorized users from compromising Windows file and system protection on any lost or stolen PCs. Data encryption and authentication via BitLocker prevents an unauthorized user who boots another operating system or runs a software hacking tool from breaking into Windows Vista file and system protections or viewing offline the files that are stored on the protected drive. Using BitLocker also helps your organization comply with data privacy regulations and reduces concerns about repurposing equipment.

    When you combine Windows Vista, the 2007 Microsoft Office system, and Microsoft Exchange Server 2007, you can easily extend security policies to e-mail and other forms of communication.

    ·         Protects individual users and the network from malware and attacks on data

    With Dynamic Security Protection and other new features, Internet Explorer 7 protects users from malware. Online security is enhanced with Windows Vista browser protected mode and anti-phishing tools that help protect user identity information and data.

    ·         Authenticates users easily while keeping administrative tasks at a minimum

    Windows Vista provides IT administrators with simpler and greater control over user access. User Account Control (UAC) reduces the attack surface area while minimizing disruptions to user productivity. UAC enables users to change common settings without requiring administrative privileges. Standard users are prevented from making potentially dangerous changes to their computers, and can run most applications. Unless they are performing a task that requires administrator privileges, administrators are treated as standard users, significantly reducing the chance of a hacker gaining administrator-level access to the system.

    Additionally, I’ve provided some security-related information as below. I hope it is helpful.

    ==========

    Microsoft Security At Home

    http://www.microsoft.com/protect/default.mspx

    http://www.microsoft.com/uk/athome/security/default.mspx

    Protect Your PC in 3 Easy Steps

    http://www.microsoft.com/uk/security/protect/alert.mspx

    Windows Vista TechCenter – Security and Protection

    http://technet.microsoft.com/en-us/windowsvista/aa905062.aspx 

    Security in Windows Vista: Setting a new standard

    http://www.microsoft.com/security/windowsvista/default.mspx

    Help: I Got Hacked. Now What Do I Do?

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

    Help: I Got Hacked. Now What Do I Do? Part II

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0704.mspx

    How A Criminal Might Infiltrate Your Network

    http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx

    Malicious Software Removal Tool

    http://www.microsoft.com/security/malwareremove/default.mspx

    The Day After: Your First Reponse To A Security Breach

    http://www.microsoft.com/technet/technetmag/issues/2005/01/IncidentResponse

    Get a free safety scan for your computer

    http://www.microsoft.com/protect/products/computer/safetyscanner.mspx

    If you need more help with virus-related issues, you can visit Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy.

    Thank you for choosing Microsoft.

    Sincerely,

    Joson Zhou

    Microsoft Online Community Support



    Monday, December 3, 2007 11:38 AM
    Moderator

All replies

  • Hi,

    Thank you for your post. I fully understand the inconvenience the malware has brought to you and that the current situation can be frustrating.

    Please understand that security is relative. Nothing can guarantee the security of our computer 100 percent. However, we can continue to improve our computer's security if we keep our software up to date and maintain a current antivirus software subscription. That’s why we need to perform Windows Update and Virus Definition update from antivirus software manufacturers.

    Actually, in Windows Vista, all components have been designed and thoroughly reviewed for security risks and mitigation. Microsoft assembled a Secure Windows Initiative Attack Team (SWIAT), which spent considerable time evaluating threat models, attack surfaces, and risk mitigation factors for Windows Vista. The team also checked Windows Vista for vulnerabilities that had been discovered in Windows XP, patching both operating systems at the same time when needed.

    The development team used source code analysis tools throughout the development process, in order to find the types of classes of errors that might evade a typical compiler. They annotated all functions containing buffers. Additionally, they fuzz tested (a process of injecting random input data) any component that received un-trusted input. As a side note, many of the test tools that were internally developed to aid with the SDL process (such as FxCop) have now been made available to the public.

    The role of SDL in the development of Windows Vista is clearly making it a more secure operating system, and beta testing thus far has shown it to be significantly more robust than previous operating systems during beta testing. When your applications interact with Vista, they interact with the most secure version of Windows that Microsoft has ever built.

    The following are some security improvement features in Windows Vista:

    ·         Provides a fundamentally more secure IT environment

    Windows Vista is a more secure operating system to its core. This begins with Service Hardening for the prevention of abnormal activity or unauthorized access to parts of the operating system. Service Hardening restricts critical Windows services from making unauthorized changes in the file system, registry, network, or other resources that could be used to allow malware to install itself or to attack other computers. An enhanced update and patch process delivered through Windows Server Update Services and restart manager helps to install updates and patches more efficiently with fewer reboots.

    ·         Guards data and information on all computers

    Windows Vista provides a new level of encryption technology to protect critical data from theft or loss of devices through BitLocker Drive Encryption. By encrypting the entire Windows system volume, data is better protected, which prevents unauthorized users from compromising Windows file and system protection on any lost or stolen PCs. Data encryption and authentication via BitLocker prevents an unauthorized user who boots another operating system or runs a software hacking tool from breaking into Windows Vista file and system protections or viewing offline the files that are stored on the protected drive. Using BitLocker also helps your organization comply with data privacy regulations and reduces concerns about repurposing equipment.

    When you combine Windows Vista, the 2007 Microsoft Office system, and Microsoft Exchange Server 2007, you can easily extend security policies to e-mail and other forms of communication.

    ·         Protects individual users and the network from malware and attacks on data

    With Dynamic Security Protection and other new features, Internet Explorer 7 protects users from malware. Online security is enhanced with Windows Vista browser protected mode and anti-phishing tools that help protect user identity information and data.

    ·         Authenticates users easily while keeping administrative tasks at a minimum

    Windows Vista provides IT administrators with simpler and greater control over user access. User Account Control (UAC) reduces the attack surface area while minimizing disruptions to user productivity. UAC enables users to change common settings without requiring administrative privileges. Standard users are prevented from making potentially dangerous changes to their computers, and can run most applications. Unless they are performing a task that requires administrator privileges, administrators are treated as standard users, significantly reducing the chance of a hacker gaining administrator-level access to the system.

    Additionally, I’ve provided some security-related information as below. I hope it is helpful.

    ==========

    Microsoft Security At Home

    http://www.microsoft.com/protect/default.mspx

    http://www.microsoft.com/uk/athome/security/default.mspx

    Protect Your PC in 3 Easy Steps

    http://www.microsoft.com/uk/security/protect/alert.mspx

    Windows Vista TechCenter – Security and Protection

    http://technet.microsoft.com/en-us/windowsvista/aa905062.aspx 

    Security in Windows Vista: Setting a new standard

    http://www.microsoft.com/security/windowsvista/default.mspx

    Help: I Got Hacked. Now What Do I Do?

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

    Help: I Got Hacked. Now What Do I Do? Part II

    http://www.microsoft.com/technet/community/columns/secmgmt/sm0704.mspx

    How A Criminal Might Infiltrate Your Network

    http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx

    Malicious Software Removal Tool

    http://www.microsoft.com/security/malwareremove/default.mspx

    The Day After: Your First Reponse To A Security Breach

    http://www.microsoft.com/technet/technetmag/issues/2005/01/IncidentResponse

    Get a free safety scan for your computer

    http://www.microsoft.com/protect/products/computer/safetyscanner.mspx

    If you need more help with virus-related issues, you can visit Microsoft Virus Solution and Security Center for resources and tools to keep your PC safe and healthy.

    Thank you for choosing Microsoft.

    Sincerely,

    Joson Zhou

    Microsoft Online Community Support



    Monday, December 3, 2007 11:38 AM
    Moderator
  • Hello Joson Zhou.

    Thank you for your reply. I'm taking a look at I Got Hacked. Now What Do I Do?
    Tuesday, December 4, 2007 6:10 AM