Let's cut the crap about Vista security

Stan Beer
Thursday, 15 February 2007 16:42

Opinion and Analysis

At first the media were crowing that there were no Vista flaws to be patched. Then it was oops there was in fact one critical bug, although it was actually part of the Windows Defender security software. The real issue is, however, is that there WAS a vulnerability in Vista and there will be more.

I can almost hear Vista advocates screaming from the rafters: "For heaven's sake it was just one tiny Vista flaw out of 20." To them I say baloney!

How many Vista users are there in the marketplace compared to XP, Win 2000 and Win 98 users? Where are the efforts being focussed by the security companies who discover these flaws? Where are the hackers most likely to direct their exploits? Not Vista with its still tiny user base.

No doubt as Vista gets more widely used, more vulnerabilities will be discovered and more zero day exploits will surface. Remember this is an operating system that is necessarily backwardly compatible with previous versions of Windows. Also remember that one of the key selling points previous versions of Windows was their stability and improved security.

Is Vista more secure than XP? Probably, unless of course you run it in administrator mode and turn off features such as the User Account Control that many users report to find annoying.

Here is a prediction. As each monthly Tuesday patching cycle is revealed to the public, there will be an increasing number of update patches released for Vista. Assuming Vista becomes the predominant Windows operating system by say 2009, as some analysts suggest, the monthly patches will be no fewer in number than they are today and the majority will involve Vista or the Microsoft software that runs on it.

At first glance, Vista looks to be a very nice, powerful and resource hungry operating system. But let's not kid ourselves; it's no more a security silver bullet than Windows XP.