Microsoft partner: Vista less secure than XP

19 March 2007 06:31 AM

Tags: microsoft, security, windows xp, operating system, antivirus, malware, patchguard, symantec

Security company Kaspersky claimed that Vista's User Account Control (UAC), the system of user privileges that can be used to restrict users' administrative rights, will be so annoying that users will disable it.

Natalya Kaspersky, the company's chief executive, said that without UAC, Vista will be less secure than Windows XP SP2. "There's a question mark if Vista security has improved, or has really dropped down," she said to our sister site ZDNet UK at the CeBIT show in Hanover last week.

Kaspersky provides one of the scanning engines in ForeFront, Microsoft's business security product.

Arno Edelmann, business security product manager for Microsoft, said that Kaspersky's claims were surprising. "We have a thriving community of partners, and Kasperky is one of our best partners," Edelmann told ZDNet UK. "I find their statements a little strange because they have one of the best insights into Microsoft security products."

After being roundly criticised over its security strategy in the past, Microsoft has done a lot of work to improve its approach and has been touting Vista as its most secure operating system. But Kaspersky confirmed that her analysts had found five ways to bypass Vista's UAC, and that malware writers will find more security holes.

Kaspersky also added her voice to Symantec and McAfee complaints that PatchGuard, designed to protect the Vista kernel, is hindering security companies' work.

"PatchGuard doesn't allow legitimate security vendors to do what we used to do," said Kaspersky.

Symantec has claimed that PatchGuard is hurting security vendors more than it was hurting malware writers. Bruce McCorkendale, a chief engineer at Symantec, said: "There are types of security policies and next-generation security products that can only work through some of the mechanisms that PatchGuard prohibits."

Eugene Kaspersky, the company founder, said last Thursday that while vendors had to interact with Vista legitimately, hackers were under no such constraints.

"Cybercriminals seem not to care about Vista licensing," said Eugene Kaspersky. "They don't need to follow regulations or be certified by Microsoft -- antivirus vendors do."

Tom Espiner reported for ZDNet UK from London

Talkback (19)
Print
E-mail
Share
- del.icio.us
- Digg
- Reddit
- Slashdot
- StumbleUpon

Talkback 19 comments

Add your opinion

It's obvious Anonymous -- 19/03/07

Vista shouldn't be use as a primary OS until the first service pack for it comes out by the end of this year.
1. Service pack does what!? Anonymous -- 20/03/07
  
  Service packs won't do anything to help the performance issues. Windows never got smaller and Microsoft has never made patches that fully address a problem.
  
  A good example will be that Microsoft could simply remove the annoying nags and leave it at that.
  Nobody wants to acknowledge the poor performance and displaced requirements of Vista, which I find more distressing than preventing hapless users from breaking their own systems...
  
  I'm not accusing Microsoft of making an immaculate operating system, but they sure are off the mark when you scan the competition.
  - Reply to comment
  - Report offensive content
Vista Anonymous -- 20/03/07

I could not agree more. I turned off the User Account Control the second day I had Vista. Every time you wanted to do something, the damn thing popped up asking for permission. I felt like I was ten and had to ask my mother permission to do something.
the point is... buddyJ -- 20/03/07

a patchGuard is just a first step on a way to reach a final goal, where a hardwere and software technology are making kernel unaccesable for anything else than OS. MS is saying 'get used to windows in which only bad guys modyfies the kernel'. until now malware and protection security vendors used the same technology, but in some time future this techonlogy will become unavailable (thanks to hardware producers, not MS) and MS whants vendors to be ready for this moment.

PS. sorry for my english
UAC Anonymous -- 20/03/07

UAC isn't annoying at all I thought at first I would hate it but when you actaully use Vista you don't really notice it. I've been running vista since launch and have only put avast anti virus on two days ago and I haven't had a single problem. I wonder how much of this is the av vendors seeing the writing on the wall and scare-moungering. I wouldn't be surprised if the av vendors weren't the source of some new attack just to scare everyone.....
The first thing I did Anonymous -- 20/03/07

This feature was so annoying. I couldnt even run a control panel app without it warning me.

Now I WANT warnings, for apps that run from unsigned sources, but I DONT want warnings for using windows calc.

I was disappointed that there wasnt even an option to train this program to stop warning me about programs.

Eventually I just turned it off, now I have no security in that department at all.
1. Not true Anonymous -- 26/03/07
  
  In my experience only a couple of control panel applets require UAC. Calc, btw, does not.
  - Reply to comment
  - Report offensive content
did you really expect better? Anonymous -- 21/03/07

An OS job is to interface the hardware to the software. MS lost this concept years ago, with 95, abet it did do a better job as an interface, the trend has been to simply their job instead of doing it by forcing the software to only send more and more limited commands to the software. API are a good idea, but instead of helping translate code into something the hardware can understand they have become IDE which tell the software what they can send and break when the software and the hardware become more advanced than the API. Of course with vista instead of multi API were the best one for a paticular job is used all requests go through some sort of MS controlled API so that everything slows down extra calls are made to the CPU and programs that use machine code get around them but are considered malware so only the bad code is stopped by the MS APIs since MS belives all code is going through it. Any more detailed will tell people how to break stuff, so good day.
Threatennig? Anonymous -- 23/03/07

[Quote]
Cybercriminals seem not to care about Vista licensing," said Eugene Kaspersky. "They don't need to follow regulations or be certified by Microsoft -- antivirus vendors do.
[/Quote]
Doesn't that mean "Don't narrow our market or else we security companies can write such viruses that you and your product could highly loose its "repute"
1. Vista Stupidity Sue -- 17/04/07
  
  I can't believe the stupid crap i hear about vista, it's broken and it can't be fixed the drm restrictions is killing the api's and there is no fix for DRM
  - Reply to comment
  - Abuse reported
Think smarter AV company's Anonymous -- 23/03/07

[Quote]
Cybercriminals seem not to care about Vista licensing," said Eugene Kaspersky. "They don't need to follow regulations or be certified by Microsoft -- antivirus vendors do.
[/Quote]

Since the Cybercriminals don't care about licensing etc. then maybe the AV vendors should take a similar stance. Not that they should still from MS etc. but start thinking like the virus writers/malware writers and make their products so that they will work on Vista. Bypass the "security" in Vista and make sure your AV software works similar to a virus in that it runs hidden and with more efficiency. Getting MS "certified" should be the least of their worries IMO. Make your software work in spite of MS's attempts at limiting you etc. Think outside the box and make it work, I'd bet their revenue would increase.

Just my 2 cents worth.
Boo Hoo! Anonymous -- 24/03/07

I fully agree with the above comment.

[Quote]"Cybercriminals seem not to care about Vista licensing," said Eugene Kaspersky. "They don't need to follow regulations or be certified by Microsoft -- antivirus vendors do."[/Quote]

The SEEM not to care. Geez, you figure?! It's pretty sad when hackers have their sh** together better than security software companies.
Vista security flaws Alex -- 26/03/07

Decent flavour of Linux would be an healthy alternative.It WORKS FINE and it is free.Secure as well.
Microsoft Whiner Society John Wible -- 05/04/07

The MWS consists of computer users who readily purchase, install and use Windows, then go about trashing the OS in every fashion imaginable. MWS is part of the Microsoft Bashing Society. The MBS and MWS are quick to point out how much better this or that OS or program (other than Microsoft programs) is. Linux is better. Firefox is better. Any word processing software is better than MS Word. And it goes on and on. The security issue is alive and well. No matter what Microsoft does or does not do in this respect, there are those, led by the likes of Symantec and Kapersky, who say the MS security sucks, but here, folks, buy OUR program: ours doesn't suck. I've had no problems with Vista or UAC. This is why I'm not qualified for membership in the MWS or MBS.

In closing, might I suggest that all those malcontents out there who know of all MS's problems get together and design the perfect operating system themselves? After all, they're experts in finding out what's wrong, thus it follows that they should be experts in building an absolutely error-free in every respect. I'll be the first in line to buy such a program. Until then, I'm sticking with Microsoft.
1. Whiners for a reason Anonymous -- 16/04/07
  
  Simply, real computer people whine because the design of $MS software is terrible, and unfortunatley is on 90% of the worlds PC's, and someone has made megabucks out of Joe blogs for an inferior product. The people who whine are usually the ones who have a better product to offer however are muscled out of the market by a MSmarketing. A sad state of affairs, as the average user does'nt know any better.
  You, like many other $MS defenders are not freeing the market for innovation and competition, the only driver for a better life for the average user.
  As for security, no other OS in the world has been so venerable to attacks in the history of the computer. Think about it.
  - Reply to comment
  - Report offensive content
2. umm... Anonymous -- 05/06/07
  
  Isn't that why they use Linux and further develop that?
  - Reply to comment
  - Report offensive content
That's a good point Anonymous -- 11/04/07

Good point... but I think that AV companies value the dollars of large business with many desktops, whose IT professionals want support from Microsoft when something breaks. Microsoft won't offer help when you're using non-certified software solutions with their OS.
AV software is one IT market with true competition, in which if you make a better product then you win more customers.
I think Microsoft is unduly exercise its control over AV vendors here. It's certification process is too slow, but that just hurts its own product, when only Microsoft protects the user, and no other product can actually provide 'defence in depth'. If Microsoft speeds up its certification process and lets AV vendors do their job (instead of protecting their OneCare offering from true competition) than Vista will be a more attractive product. Wake up Microsoft.
Conspiracy Theory BrianC -- 12/04/07

Yes, I also thought the AV companies are in best position to create viruses. Thereby generating market needs. And being the one who write the virus also mean they know how to fix it and fix it quick. I think that would be a good plot for a hollywood movie :)
oh got yet again Anonymous -- 16/04/07

vista UAC works quite well actually.

it doesn't like application writing for example to system folder of HKEY local machine. it doesn't like applications installing drivers. it doesnt like applications or users pasting stuff in the programs folder.

if such things occur it is going to ask you to elevate your status from regular users to administrator the elevate back. you still need your internet security product to make sure you are going to website which dont use java script exploit to download something and others.

look no solution is perfect you are always having some soft of trade off. i know that i have been a programmer for many years.

Vista UAC to me seems well designed. the only part I have seen from it being annoying is that if you try to delete a folder in programs file folder it will ask you twice about it. once it will say look this is important stuff you should not be touching it the second time it will say look now that you said yes anyway to this dangrous thing you can't do in un priviledge mode we need to elevate you.

can they make that expericen better? perhaps yes?

but over all vista UAC works well and as more applications release version of products that are UAC aware it will make life much more awesome.
Vista Anonymous -- 04/06/07

After 2 months researching how to go Vista - new hardware, software, drivers, security issues - and given the technical abilities of our ace staff, we finally agreed we should make the big switch-over. On Wednesday we ordered 8 Mac Pros.

Our biggest decision-making influence:
http://www.bbspot.com/News/2007/02/windows-vista-upgrade-decision-flowchart.html

Add your opinion

Latest Videos

Play now

Planet CNET: Spins, blurs, and flashing lights
It sounds like a bad acid trip, but on this edition of Planet CNET, we spin in Singapore, get blurred out in F… Watch it now
Animal Euphemisms and Robot Musicians -- Club Builder
Dot-com boom and bust: The movie
iTunes 7.7
More videos »

Blogs

iPhone suckers test our patience
So how many of you have bought a 3G iPhone? Do you feel like a sucker? If you don't, maybe you will once your first bill arrives.
Westpac bank: AVG's toughest competitor
The next time you're buying antivirus software, don't go direct to Symantec or McAfee. Don't download free antivirus. And definitely don't see Harvey Norman. Ask your bank — they're quite literally giving the stuff away.
Will you manage in the exabyte era?
Mammoth growth in storage volumes is a fact of life, but even so it's helpful to pause occasionally and try and work out whether our information strategies have fallen hopelessly out of step with the pace of technological growth and changes in costs.
More blogs »

Reader Services

Essentials

Superguide: Printers
Looking to buy a printer? Our superguide rates the latest printers and shines a light into the industry.
Datacentre 2020
In 2020, datacentres are estimated to be cleaner, greener and more flexible - but will they be any safer?
Broadband speedtest
How fast is your Internet connection? Calculate the speed here.

Microsoft partner: Vista less secure than XP

Talkback 19 comments

It's obvious Anonymous -- 19/03/07

Service pack does what!? Anonymous -- 20/03/07

Vista Anonymous -- 20/03/07

the point is... buddyJ -- 20/03/07

UAC Anonymous -- 20/03/07

The first thing I did Anonymous -- 20/03/07

Not true Anonymous -- 26/03/07

did you really expect better? Anonymous -- 21/03/07

Threatennig? Anonymous -- 23/03/07

Vista Stupidity Sue -- 17/04/07

Think smarter AV company's Anonymous -- 23/03/07

Boo Hoo! Anonymous -- 24/03/07

Vista security flaws Alex -- 26/03/07

Microsoft Whiner Society John Wible -- 05/04/07

Whiners for a reason Anonymous -- 16/04/07

umm... Anonymous -- 05/06/07

That's a good point Anonymous -- 11/04/07

Conspiracy Theory BrianC -- 12/04/07

oh got yet again Anonymous -- 16/04/07