Symantec: Vista fairly secure but still full of holes

Symantec says Microsoft has done a decent job securing Vista, but there are still many holes that could be exploited

Windows Vista delivers on some of the security improvements Microsoft promised for it, but there are still a host of ways attackers can exploit the OS and leave users open to threats, according to findings by Symantec.

The security vendor's Security Response Advanced Threat Research group Wednesday released four reports on the security implications of Vista -- with two more to come next week -- and found that while the underlying OS is more secure, there are still unplugged holes that will allow malicious code to penetrate a user's system, said Oliver Friedrichs, director of Symantec's Security Response Emerging Threats group.

"There are areas where they are to be commended [because] they have eradicated certain types of threats," he said. "But there are areas where Microsoft falls short and continues to create exposure for consumers and enterprises."

Microsoft has done a good job at locking down the core OS against memory-manipulation threats, such as buffer overflows that were used by worms such as Blaster and Sasser to attack Windows, Friedrichs said. This security improvement has spurred attackers into changing their tactics and target third-party applications that run on the OS rather than the OS itself, he said.

It's in protecting applications where Vista falls short, Friedrichs said. "Third-party applications are still exposed," he said.

Third-party application drivers running on the 64-bit version of Vista are especially vulnerable due to the ability to disable the driver-signing feature of the 64-bit kernel, Friedrichs said. Symantec security researchers were able to disable this new feature -- which requires all kernel drivers to be signed digitally by a reputable party in order to load into the kernel -- in just one week.

Other new 64-bit kernel features -- patchguard and code integrity -- also could be disabled in a week, he added. Patchguard protects the kernel from direct threats such as rootkits, and code integrity enables the OS to protect itself and its applications from external manipulation.

Another feature in Vista that was supposed to improve the security of the system actually poses a new security threat, Friedrichs said. User account control, a feature that can be set up so a Vista user has limited privileges to access an application or an administrator function, actually can be bypassed by hackers to allow someone to gain full and unrestricted access to the OS, he said.

"Originally it was considered to be one of the most notable security technologies in Vista," Friedrichs said. "More recently, because of research done both by Microsoft and third parties, we found that the technology is not as effective as originally envisioned."

Friedrichs acknowledged that it may be self-serving for Symantec, which offers add-on security products for Windows, to publish findings that the OS is not secure. But he said that his group conducted its research by a legitimate scientific method. Moreover, the research is intended to provide recommendations to Microsoft for improving Windows security in the future.

In a statement through its public-relations firm, Microsoft defended its position that Vista is the most secure client version of Windows to date. But the company said it will take into consideration research by Symantec and other parties about Vista and make changes if necessary to make the OS even more safe against possible threats.

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Elizabeth Montalbano

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?