Vista Security Woes

1 2 3 4 Page 2
Page 2 of 4

Nagging Defense

User Account Control (UAC) has the best of intentions behind it. According to Microsoft's own estimates, a whopping 95 percent of all pre-Vista Windows users perform everyday tasks logged in with Administrator credentials that let them make any kind of system changes--but that also allow malicious hackers to hijack a PC easily. By default, UAC requires a password for such tasks, keeping users--or malware--from haphazardly changing sensitive parts of the OS.

But UAC is its own worst enemy. Its frequent pop-up prompts seriously annoy many users, particularly during setup of a new machine. The prompts appear less often after about ten days of heavy use, but some early adopters have never made it that far.

"These alerts just kept popping up constantly and unnecessarily," says Sergio E. Yáñez, a Vista user who works as a vice president at a New York bank. "I would try to move a file between folders and have to deal with these prompts. Very, very annoying."

Like many other people, Yáñez responded by turning off UAC completely. In his case, he had to turn it back on to run some older games that required additional user rights, but the fear within security circles is that many irritated users will disable UAC and leave it off, or else get into the habit of clicking 'Allow' at every prompt, defeating the purpose entirely.

"The average user will be programmed to click 'Allow' for everything," says Roger Thompson, chief technical officer for security vendor Exploit Prevention Labs.

Unneeded Access?

Also, security researcher Joanna Rutkowska says that UAC has a design weakness in that it requires giving all program installations full system access whether they need it or not. (Rutkowska's report is on her blogging site.) Microsoft says that it included the potential weakness to ensure a smooth user experience, and it has not announced any plans to change UAC's design.

Vista's built-in antispyware app, Windows Defender, offers daily scans but missed a third of spyware and adware samples in tests.
Vista's built-in antispyware app, Windows Defender, offers daily scans but missed a third of spyware and adware samples in tests.
A second major addition to Vista's security arsenal is Windows Defender, an antispyware tool that is available at no cost for XP and is baked into Vista's guts. Though not meant to be a full antivirus utility, it can easily scan for spyware applications that suck up system resources and bombard you with pop-up advertising. Defender also offers additional protection when you download files via Internet Explorer 7.

A great idea. But in independent tests performed by the AV-Test security lab (AV-Test.org), Defender detected only 65 percent of 14,517 adware and spyware samples in an on-demand scan. By comparison, detection rates for eight antivirus programs with built-in antispyware ran between 73 and 99 percent for the same test sample.

"Windows Defender is not very good in my eyes. Most, if not all, stand-alone and integrated antispyware solutions are performing a lot better," says Andreas Marx, CEO of AV-Test in Germany.

1 2 3 4 Page 2
Page 2 of 4
  
Shop Tech Products at Amazon