Vista "no silver bullet" says Symantec

Stephen Withers
Thursday, 01 March 2007 02:47

Your IT - Home IT

While Windows Vista is more secure than its predecessors, it still has its weaknesses, security vendor Symantec has warned.

In a research paper titled 'Security Implications of Microsoft Windows Vista', Symantec notes that technologies introduced in the new operating system "are very effective at protecting the core Windows operating system as well as Microsoft compiled applications" from exploiting memory corruption or manipulation vulnerabilities. Buffer overflows (one example of such issues) have been frequently exploited.

But other technologies don't automatically materialise with Vista - it's up to developers to take advantage of them by either rewriting their code or in some cases recompiling it with Microsoft's latest developer tools. Until applications are updated to take advantage of them, the vulnerabilities will remain. A few Vista components do not yet fully utilise the available technologies.

Furthermore, the implementation of at least of these technologies is flawed. Address Space Layout Randomisation (ASLR) is supposed to randomly locate programs in memory, making it harder for an attacker to target memory corruption or manipulation vulnerabilities. Symantec has determined that randomness is far from uniform, and certain addresses are far more likely to be used than others, increasing the probability of successfully guessing the location.

This problem should be fixed in Vista SP1, but there's more.