Vista as insecure as Windows 2000
Good news for users of Windows Vista. According to figures compiled by PC Tools,
the OS has experienced only slightly more vulnerabilities than Windows 2000,
which appeared eight years ago when malware was far less common.
Or is that the bad news? Despite having a reputation as the least vulnerable
of Microsoft's operating systems, Vista still managed to record 639 unique vulnerabilities
over roughly the last half year, which puts it in a worse position than the
aging Windows 2000, which experienced 586 over the same period.
Windows XP, which still accounts for the overwhelming volume of the Windows
user base, had 1,021, with Windows 2003 Server reaching 478.
The Australian security company collected statistics on the number of infections
by analyzing figures from anonymous users of its ThreatFire community, with
vulnerabilities double-confirmed by third-party anti-virus engines. The numbers
are per 1,000 machines on each platform.
"Microsoft has invested a great deal in making Vista more secure, by providing
a number of security enhancements which were not in prior Microsoft operating
system releases," concluded PC Tools CEO, Simon Clausen. "But industry
experts have been reluctant to confirm its improved resistance to malware with
good reason."
"Since its launch, Microsoft has flagged the increased level of protection
Vista provides as one of the key reasons why consumers should upgrade from Windows
XP to Vista. If Microsoft's forecasts for the operating system are correct and
Vista's market share increases significantly, we could expect infection rates
to increase further on Vista," he added.
The problem with these bare statistics is that they make no mention of how
serious these vulnerabilities were -- Vista has recorded few that come into
the 'most serious' category by comparison with XP. They also don't specify where
the vulnerabilities were uncovered. The majority of vulnerabilities are not
in the OS itself and are traced to problems in browsers, for instance, and can
even apply across platforms.
Microsoft would also point out that the user access control (UAC) feature of
Vista stops malware from exploiting the OS without the user at least being aware
that something is happening. Windows 2000 and XP lack even this basic level
of protection.
On the other hand, Vista has had its embarrassing moments, securitywise. Only
weeks ago, Microsoft had to explain how the .ANI animated cursor bug was allowed
to find its way into Vista code without being patched as part of the much-vaunted
Security Development Lifecycle (SDL).
» posted by abennett
Techworld.com
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
