russell m. cozart
About Russell »
Contact »

print this page
McMURRY UNIVERSITY
Professor
Mr. Louis Voit
Semester
Fall 2007
 
Abstract
Net Criminals Will Evade Vista's Defenses
By Russell M. Cozart
Erik Larkin in PC World, August 2007

+ Windows Vista operating system has promised better security, and Microsoft has indeed built stronger protections into its flagship OS, but hordes of online criminals already have plans to keep their malware alive and kicking. The main problem lies with Microsoft's efforts to allow legacy XP programs to operate under Vista. This in turns leaves little or no need to modify existing malware programs that already do their dirty-work under XP's banner. Vista's User Access Control has proved to be a formidable defense. But malware designers have capitalized on the user's innate desire to simply click "OK" and sweep aside bothersome UAC requests to allow or block programs. UAC's main design flaw is that you have only two choices: block the requesting program entirely, or to allow if free reign on your PC (aka wreak havoc on your machine if, indeed, the program is malware). The new Protected Mode in IE 7 is a smart approach that limits the browsers ability to spread into other parts of the OS in case a crafty malware program has attached itself to IE, but there's little guarantee that users will choose to always operate under Protected Mode, and malware designers have already devised malicious JavaScript programs to steal information straight out of the browser, and to disappear once the browser closes.

+ I am just as security conscious as the next average PC user, but I am skeptical of doom-sayers about the inherent vulnerabilities of Vista. I was not always a Vista fan, but I have come to enjoy the OS quite a bit. Vista has incorporated what I believe to be sufficient security barriers to the attacks of would-be nefarious programs. I think the defenses included in Vista have significantly improved over those of XP already, and the new design of Vista alone has sent many of the hackers back to the drawing board. No operating system can ever claim complete security from such attacks, but I think that Vista has done its job in our defense. I support the transition to the OS, and firmly believe we will see even more security released in the first of the service packs.

Microsoft TechNet - Windows Vista Security Improvements
Symantec - Windows Vista Security

[ back to top ]


©2007 Russell M. Cozart. All rights reserved.