Businesses having second thoughts about Vista

Fewer businesses are now planning to move to Windows Vista than seven months ago, according to a survey by patch management vendor PatchLink, while more said they will either stick with the Windows they have, or turn to Linux or Mac OS X.

In a just-released poll of more than 250 of its clients, PatchLink noted that only 2 percent said they are already running Vista, while another 9 percent said they planned to roll out Vista in the next three months. A landslide majority, 87 percent, said they would stay with their existing version(s) of Windows.

Those numbers contrasted with a similar survey the Scottsdale, Ariz.-based vendor published in December 2006. At the time, 43 percent said they had plans to move to Vista while just 53 percent planned to keep what Windows they had.

Today's hesitation also runs counter to what companies thought they would do as of late last year. In PatchLink's December poll, 28 percent said they would deploy Vista within the first year of its release. But by the results of the latest survey, fewer than half as many -- just 11 percent -- will have opted for the next-generation operating system by Nov. 1.

Their change of heart may be because of a changed perception of Vista's security skills. Seven months ago -- within weeks of Vista's official launch to business, but before the operating system started selling in retail -- 50 percent of the CIOs, CSOs, IT, and network administrators surveyed by PatchLink said they believe Vista to be more secure than Windows XP. The poll put the security skeptical at 15 percent and pegged those who weren't sure yet at 35 percent.

Today, said PatchLink, only 28 percent agreed that Vista is more secure than XP. Meanwhile, the no votes increased to 24 percent and the unsure climbed to 49 percent.

Reconsiderations about Vista have given rival operating systems a second chance at breaking into corporations. Last year, Linux and Max OS X had only meager appeal to the CIOs, CSOs, IT and network administrators surveyed: 2 percent said they planned to deploy the open-source Linux, while none owned up to Mac OS X plans. July's survey, however, noted a six-fold increase in the total willing to do without Windows on at least some systems: 8 percent of those polled acknowledged Linux plans and 4 percent said they would deploy Mac OS X.

PatchLink's survey results fit with research firms' continued forecasts that corporate deployment of Vista won't seriously begin until early next year. Although Microsoft recently announced it had shipped 60 million copies of Vista so far, it has declined to specify how many buyers are businesses, or even what percentage of the estimated 42 million PCs covered by corporate license agreements have actually upgraded to Vista.

The poll also offered evidence that corporations are even more afraid of zero-day vulnerabilities -- bugs still unpatched when they're made public or used in exploits -- than they were last year.

Zero-day vulnerabilities are the top security concern for the majority of IT professionals, according to the survey, with 53 percent of those polled ranking it as a major worry. In the December 2006 survey, only 29 percent of the administrators pegged zero-days as their top problem.

"The prospect of zero-day attacks is extremely troubling for organizations of all sizes," said Charles Kolodgy, an IDC research director, in a statement accompanying the survey. "Today's financially motivated attackers are creating customized, sophisticated malware designed to exploit unpublished application vulnerabilities in specific applications before they can be fixed."