Vista Only Marginally More Secure Than XP, Research Suggests

Independent security tests performed by CRN.com suggests that Windows Vista is only marginally more secure than Windows XP. CRN spent a week testing both operating systems against various Trojans, viruses and various exploits.

The tests were performed with Windows Vista Business on an HP Compaq 6515b notebook with Internet Explorer 7 (IE7) and an HP Compaq nc6400 with Windows XP with Internet Explorer 6 (IE6), both using the default security features and settings.

Finjan's RUSafe sniffer tool (a security tool that sniffs live traffic and generates logs that can be analyzed to help protect you against malicious web based attacks) was used to help analyze the data.

The computers were tested in 6 areas: Viruses, Spyware and Adware, Trojans, Remote Data Services (RDS) exploits, Vector Markup Language (VML) and other image file flaws, spoofing and testing and phishing.

Viruses

The Finjan RUSafe sniffer tool detected 20 instances of viruses detected in web sites, including suspicious file types, spoofed content, worms and executable files.

One virus and one worm were undetected by either operating system and none of the files were blocked by either operating system.

Spyware and Adware

Windows Defender, built into Windows Vista did pick up one IE Plugin spyware, but not all the variants of the same spyware were prevented by IE7. A few of the sites with spyware were undetected by IE7. The Windows XP machine with IE6 missed all of the sites with spyware.

Trojans

2 Trojans were tested with each system. Vista blocked one, warning that the file might cause problems, but missed the other one. XP gave similar warnings but allowed the engineer performing the test to run both.

Remote Data Services Exploits

RDS exploits are used by computer hackers to run denial-of-service (DOS) attacks to paralyze systems. Vista detected one RDS ActiveX exploit, but missed four others. XP failed to detect any of the RDS exploits.

Image files, spoofing and scripting

Vector Markup Language (VML) and other vector-based images are used to allow hackers to execute remote code. Both systems failed to block spoofed content and and vector-based images that used embedded scripts.

Phishing

Simply put, phishing is usually a type of email scam used to entice people into going to web sites that appear to come from trusted companies, asking for verification of certain information, such as passwords, account numbers, etc. in an attempt to steal your identity.

IE7 provides an extra security layer with a built-in phishing filter. When you surf to sites suspected of using phishing techniques, the filter turns red and you have to click on it to continue. IE7 failed to connect to Microsoft's security site several times. Also noted was the fact that several of the bots produced by various forms of malware kept trying to access remote hacking sites. Vista didn't stop that activity. XP with IE6 produced one pop-up warning.

After the testing was finished, both test machines were almost equally damaged by viruses, Trojans and other malware.

As noted by arstechnica, there was no mention of Vistas User Account Control, an extra "security" enhancement, designed to warn users when software attempts to access certain components.

By default, IE7 in Vista runs in protected mode which would force scripts to run at restricted privilege levels, unlike XP which allows scripts to run at administrator level. Theoretically, protected mode should alleviate the damage to a certain extent.

It would also have been nice to know exactly what happened after the malware attacked the systems. A little more information is needed to accurately compare both systems.

However, one thing remains perfectly clear. Regardless of which OS you're using, it's very important to have security measures such as regularly update antivirus and antispyware programs in place.

Visit Bill's Links and More for more great tips, just like this one!