Microsoft's
Windows
Vista is more secure than previous versions of the operating system,
according to security experts.
Symantec's
latest set of white papers found that rootkit malware will not install in Vista
without users being notified, and that all kernel-level rootkits are blocked
unless users ignore multiple pop-ups and click the 'Allow' button.
Graham Cluley, senior technology consultant at
Sophos, said
that the User Account Control in Vista is an important enhancement designed to
prevent the installation of malware.
"However, it is also very intrusive with a high number of alerts that end
users need to respond to, so there is a strong likelihood of it being disabled
unless they are trained in how to use it," he added.
"This is one of the weaknesses that malware authors will undoubtedly attempt
to exploit."
Symantec's study found that between 96 and 98 per cent of malware such as
spyware and Trojans is also blocked.
However, the firm warned that malware writers could decrease those
percentages by making only minor changes to their code.
Cluley agreed that Vista is the most secure operating system yet from
Microsoft, but pointed out that it will still be targeted.
"Better security does not mean perfect security. The only 100 per cent secure
computer is probably one without an internet connection, and with the keyboard
and all disk drives disconnected," he said.
"There is malware that can successfully run on Windows Vista, so early
adopters of the new operating system should still worry about worms, Trojans,
spyware and the like."
Symantec's report also noted that the kernel protection is only offered in
the 64-bit version of Vista, and that the 32-bit version is still open to
attack.
Symantec praised features in the operating system that allowed developers to
make their code harder to exploit.
But it also warned that this protection is only available if developers
include it, and is missing from older Windows XP software and even some core
components of Vista.
Symantec originally mauled Vista back in August 2006, pointing to security
flaws that would allow computers to be easily overtaken by malicious parties.
"During this research we discovered a number of implementation flaws that
continued to allow a full machine compromise to occur," the 2006 report said.
"By exploiting these flaws, a low-privilege, low-integrity level process can
bypass User Account Protection, and ultimately execute code at a high-privilege,
high-integrity level."
However, those tests were carried out on early release code and Symantec said
that security would continue to be addressed until the final release, with some
of the holes already plugged by Vista Beta 2.
Cluley concluded that the battle would continue between virus and malware
writers and the team behind Windows Vista.
"There will continue to be flaws found in Windows Vista, and users will need
to ensure that they are putting appropriate measures in place to defend
themselves," he said.
Do you agree?
Have your say on this article