Vista more insecure than XP


Symantec has made a research and affirming to there research Windows Vista will be more insecure than Windows XP, because most of the new code is fresh, and the old code isn’t used anymore…

Microsoft has removed a large body of tried and tested code and replaced it with freshly written code, complete with new corner cases and defects,” the researchers wrote in the report, scheduled for publication Tuesday. “This may provide for a more stable networking stack in the long term, but stability will suffer in the short term.

Also by using new tehnologies, such as IPv6 and peer-to-peer protocol will be a part of the new insecurity thread:

“As these technologies see wider deployment, we expect IPv6 and the new peer-to-peer protocols to play an increasing role in the delivery of malicious payloads,” the Symantec paper said. “These features are critical to the success of Microsoft’s peer-to-peer initiative but are also the same features that attackers need to deliver malicious content.”

So it seems that besides the system requierments needed for Vista it’s even likely to be used because of the future insecurity issues…

Source: news.com.com

Posted in: Hacking News

, , ,


Latest Posts:


Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.


5 Responses to Vista more insecure than XP

  1. felix July 19, 2006 at 7:08 am #

    I do not agree with the point.
    Although the code of Vista is fresh, it is well tested and the development of this OS is exactly followed the requirements of secure software development art.

  2. Gouki July 19, 2006 at 8:55 pm #

    I don’t agree that Windows XP is insecure. It’s just a matter of how you configure it.

    … and let’s wait until we get a final release of Vista before making comments about the the security problems. These companies should know better.

  3. Maxwell November 18, 2006 at 8:42 pm #

    I agree with the comment that it is “how you configure it(xp)”
    That is really true running as restricted user and using the “run as”
    feature is pretty good also xp pro does have alot of security features built in.
    The problem is Microsoft’s agenda of wanting to control people,and how better to do that than have the consumer pc market all run as admin and phone home to M$ headquarters every time you turn on the internet.
    They do nothing to educate people on how to run as restricted user.
    xp home is a joke they stripped all the security features you get with xp pro
    you don’t even get the security tab to set files permissions unless in “safe mode” I am really surprised M$ has not been sued for this crap.

  4. Gouki November 18, 2006 at 8:58 pm #

    I think that as time passes by Microsoft has changed their standing on educating users.

    Several newsletters especially made for home users can be something very useful for the proper way of handling, using and administrating Windows.

    Are the home users interested in these? Fuck no!

    Are administrators interested in these? 40% of them are.

    What the hell then? If people think that it’s just installing and voilá, well, don’t expect it to do miracles.

    I don’t think Windows is a bad OS – it has like everything else, flaws – I think the users MAKE IT look bad (the stupid ones, at least).

    Fortunally there are ‘power users’ who understand what’s under the hood and how to work with it who try and share the truth: Windows is a good Operating System.

  5. backbone November 22, 2006 at 8:48 am #

    yeah but there are better (and cheaper) alternatives of course… and don’t take so many resources as Vista does…