FUD Watch | Vista Less Secure Than Windows 2000?
CSOs are holding back on Windows Vista deployments for plenty of valid reasons. But a vendor "study" indicating Vista is more vulnerable to malware than Windows 2000 seems like a stretch.
By Bill Brenner, Senior Editor
May 28, 2008 — CSO
About FUD Watch: Senior Editor Bill Brenner scours the Internet in search of FUD - overhyped security threats that ultimately have little impact on a CSO's daily routine. The goal: help security decision makers separate the hot air from genuine action items. Those who wish to share their own examples of FUD can send them to bbrenner@cxo.com.
IT security execs continue to shun Windows Vista deployments in their organizations, even though Microsoft released it a year and a half ago. They base their uneasiness on a variety of legitimate issues.
Despite such new security features as encryption and Network Access Protection (NAP), many who have tested the operating system ran into a host of compatibility problems. Some complain that Vista doesn't play well with their home-grown applications and infrastructure supplied by third-party vendors. Others dismiss Vista's User Account Control (UAC) feature as more of a nuisance than the security warning system Microsoft billed it as; UAC generates a steady stream of pop-up boxes most users simply ignore.
Along the way, however, some vendors have tried to exploit users' Vista discomfort in ways that stretch reality.
Exhibit A is some "research" San Francisco-based security vendor PC Tools released earlier this month. The company said its research, conducted over a 6-month period using anonymous statistics from its ThreatFire user base, revealed that Vista is in fact more vulnerable to attack than Windows 2000, a relic of an OS that has fallen victim to countless exploits over the years.
According to stats gathered by the ThreatFire service, Vista failed to block 639 threats per thousand computers, compared with 586 for Windows 2000, 478 for Windows 2003, and 1,021 for Windows XP.
"Ironically, the new operating system has been hailed by Microsoft as the most secure version of Windows to date," PC Tools CEO Simon Clausen said in a press release. "However, recent research conducted with statistics from over 1.4 million computers within the ThreatFire community has shown that Windows Vista is more susceptible to malware than the eight-year-old Windows 2000 operating system, and only 37 percent more secure than Windows XP."
PC Tools recommends users never run Vista without additional antivirus and antispyware protection. In other words, the protection PC Tools sells.
To be fair, many security vendors have painted Microsoft as a poster boy for insecurity in an effort to promote their products. It's hard to fault them, since those vendors live and die by their sales figures. And Microsoft has given them plenty of ammo along the way.