After a week of extensive testing, the CRN Test Center found that users of
Windows Vista and Windows XP are equally at risk from viruses and exploits and
that overall Vista brings only marginal security advantages over XP.

One of Microsoft's big promises with Vista was a more secure operating
system. But when stripped to the bare bones and thrown into the wild, wild
Web, Vista's security failed to impress Test Center engineers.

Vista remains riddled with holes, despite its multilayer security
architecture and embedded security tools. Besides providing no improvement
in virus protection vs. XP, Vista brings little or no security gain over
its predecessor against such threats as RDS exploits, script exploits, image
exploits, VML exploits, malformed Web pages and known malicious URLs, the
Test Center found.

Armed with two notebooks -- an HP Compaq 6515b notebook running Windows
Vista Business 32-bit Edition with the 256-bit encryption version of
Internet Explorer 7 and an HP Compaq nc6400 running Windows XP with the
128-bit encryption version of Internet Explorer 6 -- Test Center engineers
probed both OSes with some of the most dangerous exploits known today.

To even the playing field, all of the HP ProtectTools Security Manager tools
on both notebooks were shut down. None of the encryption tools or
password-protect options were initialized. In addition, HP's ProtectTools
Application Protection Service was not activated. Only the default security
features and settings on both OSes were kept.

The Test Center selected Finjan's RUSafe appliance to analyze all HTTP
traffic going to both notebooks. RUSafe is more than just a sniffer; it can
analyze code behavior and identify malicious files. Engineers used RUSafe's
report engine to compare the OSes and, with the help of Finjan and other
experts, visited several known hacker sites.

Since the notebooks were running without any security suites, engineers were
only able to visually inspect the behavior of each OS after going to a site.
No code tracing techniques were used in the OSes. Instead, Finjan's RUSafe
appliance provided the records of what passed to each notebook.

Here's what we found:

1ST TEST: VIRUSES

The Finjan RUSafe appliance detected 20 instances in which viruses were
found in Web sites, suspicious file types, spoofed content on Web sites,
worms and executables.

For instance, the Mal/EncPK-F virus and the W32/SillyFD-AB worm penetrated
both OSes without detection.

None of the files were blocked by either OS. Both OSes failed to detect
illegitimate archives and some binary objects that were not digitally
signed.

2ND TEST: SPYWARE & ADWARE

Vista's Windows Defender, which is designed to detect various malware, gives
the new OS a slight edge over XP when detecting spyware and adware sites.

For instance, Vista was able to pick up one of the IEPlugin spyware
variants. Yet not all variants of the same spyware were detected through
IE 7. In fact, three passed through undetected. Vista also missed the HotBar
spyware signature.

XP with IE 6 missed all of the sites with spyware. Most of the spyware came
from pornography and hacker sites found through Astalavista's portal.

Surprisingly, Vista was able to detect adware built into the Zango player,
which is typically used for playing porn videos. Even so, the current
version of the Zango player could not run on Vista. XP did not provide any
warnings about Zango.