Microsoft took a very sophisticated swing at security company F-Secure today over what turns out to be a poorly researched report about a proof of concept virus that F-Secure described as the "First Vista virus".
Monad originally was scheduled to be part of Windows Vista, but last June Microsoft started saying that it wouldn't include the technology with Vista but ship it with Exchange 12 instead.
Today Microsoft further clarified its plans: Monad definitely won't ship as part of Windows Vista.
"The next version of Exchange will leverage some of the technology developed as a result of our investment in “Monad”. It is a possibility that Monad’s timing could align with the update release to Longhorn Server, but it is too early to confirm that this will be the case," a spokeswoman for Microsoft told vnunet.com.
That takes care of the headline that F-Secure used in its report/blog posting, describing the flaw as the "first Vista virus". MSH has as much in to do with Vista as Apple has with SCO.
Furthermore, F-Secure saying that the virus exploits MSH by itself is wrong. Instead, the attack methodology is a common approach with any shell, be it in Windows, Unix or OS X.
"The viruses do not attempt to exploit a software vulnerability and do not encompass a new method of attack," the spokeswoman said.
She says it politely, but it comes down to this: F-Secure claims that it has found a way to break into Mercedes cars by smashing the side window. But in fact you can use the same approach to steal any car without bullet proof windows.
F-Secure couldn't be reached for comment.
Saying this is a Microsoft flaw shows poor judgement. This is what makes and breaks reputations.
Next time we'll take away the puppy!
Why does Facebook store "my entire call history with my partner's mum", asks developer who requested his Facebook data
Facebook database included text-message metadata - despite not using Facebook Messenger for SMS
Before Ocado could start selling the technology it had developed to other retailers, it had to tear down and rebuild its own monolithic architecture
Successful attack could result in harm to patients and financial loss, warns NHS governing body
Guccifer 2.0 claimed to be a lone Romanian hacker - until a schoolboy error gave him, her or them away