Vista and XP Similarly Vulnerable

The CRN Test Center determined that people who use Windows Vista and Windows XP are equally vulnerable to viruses and exploits.

When Microsoft launched Vista it claimed that the operating system was more secure than others. But when the OS functioned in the wild Web, Vista's security was not enough to convince engineers at the Test Center.

The Test Center found many security holes in Vista although it has multiple layers of security and embedded security appliances. Not only does it lacks in any enhancement in virus protection compared to XP, but also has little additional security vs. its previous OS against threats like RDS exploits, image exploits, script exploits, VML exploits, distorted Web pages, and malicious URLs.

The engineers tested Vista and XP simultaneously for seven days exposing them to all types of malware, viruses and spyware. Although Vista came out the best because of its Windows Defender, the OS still contained security holes. While it was successful in blocking only known exploits and viruses, it could not stop zero-day attacks from penetrating its security layers.

The Test Center employed Finjan's RUSafe appliance to assess the HTTP traffic flowing to both the notebooks. RUSafe does more than just sniff; it can assess code activity and recognize malicious files. With RUSafe's report engine the engineers compared the two OSs and with the assistance of Finjan experts, they went to the familiar hacker sites.

Since the OSs were functioning without security suites installed on them, engineers could only visually scrutinize the response of each OS after visiting a site. They did not use any code tracing mechanisms in the OSs. But the RUSafe appliance presented with records about whatever moved to the two notebooks.

There were 20 instances over which the Finjan RUSafe appliance found websites with viruses, doubtful files, fake website contents, worms and executable files.

Stripping down the two OSs to the basic essentials, both Vista and XP are almost the same. As people use more of User Account Controls safeguard in Vista, hackers will find it easier to create a similarly looking UAC dialog box where people will again click "Allow".

Related article: Vista Can Run for 365 Days Without Activation

» SPAMfighter News - 6/13/2007