Bit9


Enterprise Application Whitelisting


Vista Benefits Questionable

Posted by Brian Gladstein on Thu, Nov 30, 2006
Jason Brooks from eWeek recently published a review of the final build of Vista that simultaneously praises and questions the slick new OS. Brooks observes that many of Vista’s most substantial new features can actually be implemented on Windows XP desktops using existing 3rd-party solutions. One prime example he singles out is Vista’s User Account Control, which helps to lock down desktops and laptops. This means you don’t have to go through a large-scale Vista upgrade to achieve the benefits you seek.



SpamThru Trojan Installs Its Own AV Scanner

Posted by Todd Brennan on Wed, Nov 01, 2006
Like malware researcher Joe Stewart, I also thought I had seen it all, until I saw this article on the SpamThru trojan. It describes a trojan that bundles and installs its own AV scanner. Why would a trojan want to do that? The reason is that by blocking other malware, SpamThru is trying to keep all the computer resources to itself. This is malware using anti-malware to dominate both the OS and the malware competitors. Since trojan installations are highly profitable, and in some cases technically legal, more resources can mean many more thousands of dollars that are "legally" earned. I don't know whether SpamThru is polymorphic or not. In other words, I don't know if it evades signature-based defenses by encrypting itself. But in any event, an effective graylist application control system can stop trojans from installing in the first place.

