Vista backlash begins

Antivirus vendor Kaspersky has severely criticised security features in Microsoft's operating system, while IT professionals see Vista as a 'distraction'
Written by Tom Espiner, Contributor

With the launch on Tuesday in the UK of the consumer version of Microsoft Windows Vista, some critics have delivered an early backlash against the operating system.

Antivirus vendor Kaspersky has criticised key security features in Vista. The security company said that User Account Control (UAC), the system of user privileges which can be used to restrict users' administrative rights, would be ineffectual.

According to Kaspersky, many applications perform harmless actions that in a security context can appear to be malicious. As UAC flashes up a warning every time such an action is performed, Kaspersky says that users will be forced to either blindly ignore the warning and thus allow the action to be performed, or disable the feature to stop themselves going "crazy".

"If the user were to be notified about every one of these actions with a request for confirmation, or a request to enter a password, the user will either go crazy, or disable the security feature," said Kaspersky in a report.

The report was written by Alisa Shevchenko, a virus analyst at Kaspersky. It also criticised Kernel Patch Protection, or PatchGuard, the part of Vista that prevents modifications to the core system.

According to Shevchenko, the fundamental vulnerability of PatchGuard is that it functions at the same level as the core system that it is designed to protect.

"This means that if a malicious application has succeeded in loading its driver, it will be able to disable PatchGuard," the report claimed. "The major vulnerability within PatchGuard is architectural: the code which ensures protection is executed at the same level as code which it is designed to protect... This protection has the same rights as a potential attacker, and can be evaded or disabled."

PatchGuard provides "questionable protection against rootkits which modify the kernel," according to Shevchenko, and also cannot protect against rootkits that operate at other levels, like those that work by modifying dynamic data structures.

But according to Accenture, the management consultancy firm, Vista should deliver better security than previous Microsoft operating systems.

"We believe the focus that Microsoft has placed on Vista Security — from core OS changes, such as Windows Service Hardening through features such as BitLocker and the changes to user interface security — will contribute to a more secure product," said Stuart Okin, Accenture's UK head of Infrastructure. Okin previously worked for Microsoft as its chief security officer for the UK.

Microsoft launched the business version of Vista last November. However, it appears that few companies are planning to upgrade immediately.One survey published this week found that many IT professionals believe that Vista is not a priority for their organisations.

In the survey, conducted by email marketing company emedia, 54 percent of respondents said that application incompatibility will cause pain to those migrating to Microsoft's latest operating system, while 63 percent cited cost as a pressure point.

Less than half — 47 percent — of respondents expect their organisation to migrate to Vista in the foreseeable future, and more than a quarter — 27 percent — expect Vista to have no impact on their business within the next 18 months.

However, 82 percent of respondents expect Vista to improve security and compliance.

Okin argues that upgrading to Vista could be attractive to many firms, though.

"Companies have to consider factors such as an increasing 'virtual' workforce and the demands on collaboration — certainly one element of Vista that may make sense to them... Globalisation means firms need to innovate more to create competitive advantage. Crucially they need to turn information from a burden into an asset and Vista could well hold the answer," Okin explained.

Microsoft has also been attacked by the Green Party, which is concerned that people who upgrade to Vista will be forced to dump their current hardware.

Editorial standards