Resouce Guides / Windows Vista

Vista security flaw no surprise

The media is having a field day about the newly discovered flaw in Microsoft's latest. greatest and possibly last desktop operating system, Windows Vista. However, to experts the discovery of the relatively minor vulnerability is really no surprise.

During routine Patch Tuesday updates throughout 2006, a number of vulnerabilities were identified that could impact beta versions of Vista as well current versions of Windows. Therefore, it is reasonable to assume that further vulnerabilities will discovered as weeks, months and years of Vista use progress.

The only question is will Vista users be safer from malicious exploits than users of current and earlier versions of Windows.

A Microsoft technical expert told us earlier this year, that Vista would not eliminate the monthly patch cycle that we've all become used to. However, he expected the patches to be fewer and further between. These are similar promises made for earlier versions of Windows.

One of the main selling points of Vista security is that it more clearly distinguishes between user and administrator privileged access to the operating system kernel. Vista gives users with user privileges, no power to touch the operating system. Administrators can virtually do what they like.

This should work within enterprise installations - indeed most enterprises already tightly control what privileges users have under current versions of Windows. However, many experts believe home users are likely to simply give themselves administrator access, and turn off the UAC (user account control) feature, which is relatively simple to do.

A fact that Microsoft will likely be forced to accept is that many, if not most, home users will be administrators. Thus, promises of a security Nirvana awaiting us on January 30 are likely to fade into the distance as they did with previous versions of Windows.

Given security is an issue that will always be with us, no matter what the operating system, a question for this user is whether after five years of extensive development, Microsoft has succeeded in eliminating periodic system freezes and inexplicable system shutdowns accompanied by the "blue screen of death".

We have come to accept antivirus and firewall packages as a fact of life. Unfortunately there is no package you can buy that will guarantee system stability. If Vista succeeds in that area, where previous versions of Windows have failed, it will have justified its reason to exist.

Contact Us | Authors | Subject Index | RSS Feeds

Copyright ©2007