Vista backlash begins

Vista backlash begins

Summary: Antivirus vendor Kaspersky has severely criticised security features in Microsoft's operating system, while IT professionals see Vista as a 'distraction'

SHARE:
TOPICS: Security
2

With the launch on Tuesday in the UK of the consumer version of Microsoft Windows Vista, some critics have delivered an early backlash against the operating system.

Antivirus vendor Kaspersky has criticised key security features in Vista. The security company said that User Account Control (UAC), the system of user privileges which can be used to restrict users' administrative rights, would be ineffectual.

According to Kaspersky, many applications perform harmless actions that in a security context can appear to be malicious. As UAC flashes up a warning every time such an action is performed, Kaspersky says that users will be forced to either blindly ignore the warning and thus allow the action to be performed, or disable the feature to stop themselves going "crazy".

Read this

Live from the Vista launch

Check out ZDNet UK's live blog from the British Library, where Bill Gates launched Vista to the world

Read more

"If the user were to be notified about every one of these actions with a request for confirmation, or a request to enter a password, the user will either go crazy, or disable the security feature," said Kaspersky in a report.

The report was written by Alisa Shevchenko, a virus analyst at Kaspersky. It also criticised Kernel Patch Protection, or PatchGuard, the part of Vista that prevents modifications to the core system.

According to Shevchenko, the fundamental vulnerability of PatchGuard is that it functions at the same level as the core system that it is designed to protect.

"This means that if a malicious application has succeeded in loading its driver, it will be able to disable PatchGuard," the report claimed. "The major vulnerability within PatchGuard is architectural: the code which ensures protection is executed at the same level as code which it is designed to protect... This protection has the same rights as a potential attacker, and can be evaded or disabled."

PatchGuard provides "questionable protection against rootkits which modify the kernel," according to Shevchenko, and also cannot protect against rootkits that operate at other levels, like those that work by modifying dynamic data structures.

But according to Accenture, the management consultancy firm, Vista should deliver better security than previous Microsoft operating systems.

"We believe the focus that Microsoft has placed on Vista Security — from core OS changes, such as Windows Service Hardening through features such as BitLocker and the changes to user interface security — will contribute to a more secure product," said Stuart Okin, Accenture's UK head of Infrastructure. Okin previously worked for Microsoft as its chief security officer for the UK.

Microsoft launched the business version of Vista last November. However, it appears that few companies are planning to upgrade immediately.One survey published this week found that many IT professionals believe that Vista is not a priority for their organisations.

In the survey, conducted by email marketing company emedia, 54 percent of respondents said that application incompatibility will cause pain to those migrating to Microsoft's latest operating system, while 63 percent cited cost as a pressure point.

Less than half — 47 percent — of respondents expect their organisation to migrate to Vista in the foreseeable future, and more than a quarter — 27 percent — expect Vista to have no impact on their business within the next 18 months.

However, 82 percent of respondents expect Vista to improve security and compliance.

Okin argues that upgrading to Vista could be attractive to many firms, though.

"Companies have to consider factors such as an increasing 'virtual' workforce and the demands on collaboration — certainly one element of Vista that may make sense to them... Globalisation means firms need to innovate more to create competitive advantage. Crucially they need to turn information from a burden into an asset and Vista could well hold the answer," Okin explained.

Microsoft has also been attacked by the Green Party, which is concerned that people who upgrade to Vista will be forced to dump their current hardware.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • I agree

    <I>"If the user were to be notified about every one of these actions with a request for confirmation, or a request to enter a password, the user will either go crazy, or disable the security feature,</I>

    I've fixed and deloused several computers in the last few years. After installing Zonealarm, and several protections (Spyware guard, Startup monitor, Avast AV) which all have pop-up alerts. 90% of the time, when I get the computers back to be deloused again, I find that at least one possibly ALL have been removed. The reason is, they pop up so many alerts, people can't get anything done.

    Personally I don't mind, and why I have at best 1 or 2 malware attacks a year. But these people are different, and inside 6 months they're overloaded again.

    MS is going overboard with Vista, from the DRM, to this overprotective feature. Vista won't be any safer, because as you said. People will turn off that protection inside an hour. I know *I* would.

    If MS really wants to protect people, adopt the linux protective way. A root/superuser account for installing stuff, then a normal account whereby you can damage only that account, not the entire system.

    Maybe the NEXT version they'll figure that out...but I suspect it'll be at least 3 more versions before they fix it. Seems it takes 3 tries before they get something fixed.

    - Kevin
    kcredden2
  • Windows is virus free

    Well the thing with Vista is that it resets the virus count.

    Microsoft can say things like Vista is the most secure operating system around - because it has no vulnerabilities - actually I think Bill DID say that to Steven Levy last week.

    So they can go and make claims about how wonderful things are and make people feel safe happy and warm having embraced and extended people's lives.

    Then in two or three years time when people come to rely on Vista to run things we'll get one of those big attacks which means most of the UK will have to stop for a couple of days while tech support rebuilds and reformats all the machines in use.
    jgpmolloy