Experts claim Vista security not fit for purpose

Powered by SC Magazine

Ineffective blocking capabilities in Windows Defender, slow definition
updates and weak antivirus.

Security firm Webroot Software has attacked Microsoft over "numerous security flaws" which it claims to have uncovered in Windows Vista.

Webroot said that it has evidence of potentially ineffective blocking capabilities in Windows Defender, and weak antivirus capabilities in the default anti-spyware and antivirus components of Vista and Windows Live OneCare.

Gerhard Eschelbeck, senior vice president of engineering at Webroot, said " We want to make sure that users understand Vista's limitations, and warn them that Microsoft's default malware blocking application and antivirus programs may not fully protect them."

The company claims that Windows Defender failed to block 84 per cent of a testing sample-set that included 15 of the most common variations of existing spyware and malware.

In evaluating its ability to block spyware and malware before it has infected a user's machine, Webroot's Threat Research Team found that Windows Defender's performance was not in keeping with many third-party security applications.

Adware, potentially unwanted programs, system monitors, key-loggers and Trojans were able to reside on the testing environment undetected by Windows Vista.

One item of malware was able to install under administrator privileges, and run and capture keystrokes without any adaptation from its Windows XP operating environment.

Windows Defender did not detect the installation or the running application, Eschelbeck said.

Microsoft currently issues spyware definition updates for Windows Defender every seven to 10 days.

But Webroot said that its Threat Research Team identifies 3,000 new traces of spyware and other unwanted applications in a single month on average, and issues spyware definition updates on an hourly or daily basis as needed.

In addition, Webroot complained that antivirus protection is not free for Windows Vista users. They must purchase the Microsoft Live OneCare suite for $49.95 for antivirus protection.

"We understand that Microsoft's main goal is to provide a new operating system that generally improves users' computing environments, and we genuinely feel that Windows Vista accomplishes this," said Eschelbeck.

"However, as a company that serves on the frontline in the battle against spyware and cyber-crime, we feel strongly that, in order to provide the best protection for internet users, security must be their top and only priority.

"We hope that, by providing information on possible security weaknesses in Windows Vista, users will be able to make informed decisions about their computing security needs."

Copyright ©

Experts claim Vista security not fit for purpose
Top Stories
Myer CIO named retailer's new chief executive
Richard Umbers to lead data-driven retail strategy.
Empty terminals and mountains of data
Qantas CIO Luc Hennekens says no-one is safe from digital disruption.
BoQ takes $10m hit on Salesforce CRM
Regulatory hurdles end cloud pilot.
Sign up to receive iTnews email bulletins
Latest Comments
Who do you trust most to protect your private data?

   |   View results
Your bank
Your insurance company
A technology company (Google, Facebook et al)
Your telco, ISP or utility
A retailer (Coles, Woolworths et al)
A Federal Government agency (ATO, Centrelink etc)
An Australian law enforcement agency (AFP, ASIO et al)
A State Government agency (Health dept, etc)

Do you support the abolition of the Office of the Information Commissioner?

   |   View results
I support shutting down the OAIC.
I DON'T support shutting the OAIC.