Symantec published a series of four research reports on Feb 28 that critique various security elements of Microsoft's new Windows Vista operating system, including the software's ability to ward off existing malware threats.
Unsurprisingly, the security software maker, which still derives the bulk of its revenues from the estimated $3.6 billion market for technologies used to defend Windows computers, found a fair number of shortcomings in the latest iteration of Microsoft's dominant OS.
One of the biggest problems is that Vista remains vulnerable to existing malware attacks designed to take advantage of flaws in earlier versions of the OS, according to the reports. However, the Cupertino, Calif.-based antivirus market leader also highlighted a number of features built into the product that it said will advance end-user security.
An area where Symantec researchers said Microsoft has greatly improved security is related to the mitigation of virus attacks aimed at code-level vulnerabilities.
Previous versions of Windows have been shipped with scads of coding errors that allowed hackers to deliver malware threats, but work on the part of Microsoft -- such as through its Security Development Lifecycle program -- has helped lower the volume of available vulnerabilities, according to the reports.
The immediate benefit to Vista users will be the reduction of threats that use common infection techniques like buffer overflows and heap manipulations to deliver their payloads, Symantec predicted.
Another area where Symantec recognizes security improvement on the part of Microsoft is in the use of its reduced user privilege model in Vista, which is aimed at preventing virus attacks from upping the administrative status of infected PCs to boost malware proliferation and related damage.
While arguing that hackers may be able to disable Vista's new User Access Control, which is designed to keep users abreast of any changes attempted on their PCs by unknown software programs, Symantec concedes that the security tool should help fight malware attacks, including worm viruses.
Despite the praise and its submission that Vista thus far appears to be the safest operating system ever produced by Microsoft, the Symantec reports level a great deal of criticism at many other aspects of the OS.
Vista is a more secure product than previous versions of Windows, but there is still plenty of need for users to buy the layered security defense products the security company markets, said Ollie Whitehouse, a researcher with Symantec's Security Response team.
"Vista is a security evolution, but not a revolution," Whitehouse said. "Microsoft did invest a lot of time and resources into the development of Windows XP SP2, and Vista is a continuation of that, and they addressed a number of core issues, such as buffer overflows, but it is still only an OS, not a security solution itself."
Vista may help stop some traditional types of attacks, such as worms, but Symantec maintains that newly emerging threats, integration problems with third-party Windows applications, and a range of other issues will keep users in the market for additional security tools.
