Friday, January 5, 2007

»  E-Mail
»  Print
»  Discuss
»  Write To Editor
»  Digg
»  Slashdot

Microsoft: Vista's Secure, Not Perfect




Disclosure of a zero-day vulnerability doesn't alter the claim that Vista is the safest Microsoft operating system so far, says company's security manager.



By Gregg Keizer
InformationWeek

Dec 28, 2006 01:14 PM

Last week's disclosure of a zero-day vulnerability in Windows Vista doesn't put a lie to the claim that it's the safest Microsoft operating system so far, a company security manager has said.

"The finding of vulnerabilities in any software is to be expected," said Stephen Toulouse, senior product manager with Microsoft's security technology group, in a blog posting earlier this week. "This is all part of the process of creating complex software today, and no one is immune to it. It's not, as they say, big news to us in the security industry."

Proof-of-concept code for an unpatched bug in all supported versions of Windows, including Vista, went public last week, prompting warnings from security vendors who classified the flaw as a low or medium threat. Microsoft has said it was "closely monitoring" the situation, but has not released any additional information since Dec. 22.

Toulouse countered that the exploit doesn't invalidate Microsoft's contention that Vista is more secure than its predecessor, Windows XP. "This product [is] the most secure version of Windows we've produced to date. That doesn't mean 'zero vulnerabilities.' No one can claim that crown," he added.

He also predicted that users would see more vulnerabilities early in Vista's lifespan than in previous versions of Windows. "We're probably going to see a higher initial rate of reported vulnerabilities to us than with previous versions of our products, given the early view researchers have had into Vista," Toulouse said. "This is going to help make the product stronger before many of the threats against it have a chance to emerge."

Other Microsoft executives, including Jim Allchin, the soon-to-retire head of the Windows unit, and chief executive Steve Ballmer, have repeatedly said that Vista will prove to be the most secure Windows yet. Like Toulouse, Allchin also has noted that no software can be considered 100% safe.

Said Toulouse: "No one will ever get the software right 100% out of the gate."

 



posted by Made4biz Security at 11:37 PM  

0 Comments:

Post a Comment

<< Home

Made4biz Security Translating real-world security knowhow into state of the art security systems.

Links

Made4biz Security

Turn on Sound for Demos:
Bill Gates Demo (Location-based)
Elvis Demo (Location/Context-based)
Clint Eastwood Demo (Temporal-based)

Previous Posts

Powered by Blogger

Subscribe to
Posts [Atom]

Technorati Profile

RSS Syndication

Made4Biz Security Inc