http://www.theregister.co.uk/2006/07/19/vista_security_analysis/
By John Leyden
Published Wednesday 19th July 2006 16:28 GMT
The networking technology underpinning Windows Vista may be less
stable on release that that behind Windows XP, according to an
analysis by security firm Symantec.
Microsoft has re-written its networking stack for Windows Vista in
order to allow for "easier maintenance, improved performance, and
improved stability". But an analysis by security researchers at
Symantec found a variety of security flaws with early builds of the
OS.
In a white paper based on this research, Windows Vista Network Attack
Surface Analysis: A Broad Overview
(http://www.symantec.com/avcenter/reference/ATR-VistaAttackSurface.pdf),
the researchers conclude that Vista may be less stable, at least for
the immediate future, than Windows XP. They reached this conclusion
after looking at the stability of Vista, searching for undocumented or
unexpected behavior and probing for the effect of adding support for
new protocols, such as native support for IPv6. Researchers also
looked for the susceptibility of Windows Vista to well known attacks,
fixed in previous versions of Windows.
The Symantec team are careful to note that their tests were conducted
on beta code, designed for testing purposes. Bugs are constantly
getting identified and fixed with each build. Symantec reckons that
the complete rewrite of Windows network stack - along with the
introduction of new protocols such as LLTD, IPv6, Teredo, SMB2, and
encapsulation - will prove a far bigger security headache for
Microsoft and its customers.
"A number of the issues we had identified in the earlier Vista builds
have already been fixed in later ones. We fully expect that trend to
continue up until Vista’s final release. [But] network stacks can take
several years of real-world scrutiny before they are battle hardened.
It will be interesting to observe to what degree the Windows Vista
network stack accomplishes this in such a compressed time frame,"
Symantec concludes in a posting about its paper on its security blog
here
(http://www.symantec.com/enterprise/security_response/weblog/2006/07/post.html)
See also:
http://www.theregister.co.uk/2006/07/28/ms_kernel_security_controversy/
Developers cry foul over Windows kernel security Lock-out
Recently introduced security measures by Microsoft will make it more
difficult to integrate third-party security tools with Windows,
according to a rival personal firewall firm.
FAQ
Profile
Private Messages
Log in
