Microsoft bets big on Vista security

Microsoft's Vista developers can't catch a break these days. After years of warnings from security researchers that old code in Windows was creating security risks, the software giant decided to rewrite key parts of the operating system. The result? Last week, Symantec published a report suggesting that all of this new code will introduce new security problems reports InfoWord.

"The network stack in Windows Vista was rewritten from the ground up. In deciding to rewrite the stack, Microsoft has removed a large body of tried and tested code and replaced it," Symantec wrote, noting that it found vulnerabilities in the Windows Vista networking software.

"Despite the claims of Microsoft developers, the Windows Vista network stack as it exist today is less stable than the earlier Windows XP stack," said after examining a beta release of the software.

After years of being blamed for countless security problems, Microsoft may be in a no-win situation.

The fact that Symantec was able to discover flaws in a beta release should not raise eyebrows, Cooper said. "There's a reason products are put in to beta, and it isn't because people just want to see the default colors change," he said.

If customers do not ultimately see Vista as a more secure product than its predecessor, however, it will be a disaster for Microsoft -- on an epic scale. Over the past few years, the company has literally reinvented the way it produces software, instituting a new set of software development practices known as the Security Development Lifecycle. It has retrained developers, built a suite of automated security testing tools, and, most remarkably, invited scores of independent researchers to have unprecedented access to early versions of Vista.

"Vista is really the first release of the operating system to go through our Security Development Lifecycle from beginning to end," said Ben Fathi, corporate vice president of Microsoft's Security Technology Unit. "That's fundamentally a different way of looking at building security into the platform."

Microsoft has gone to great lengths to publicize its Security Development Lifecycle, which was used in the development of Windows XP Service Pack 2, and SQL Server 2005. Company executives say that the strict development guidelines used for XP Service Pack 2 played a big role in eliminating the widespread worm virus outbreaks that seemed so common just three years ago.

The emphasis on security is perhaps best illustrated by an event that Microsoft executives have declined to discuss in detail: the recent slip in Vista's ship date.

Last March, Microsoft grabbed headlines by announcing that Vista would not be available in time for the 2006 holiday shopping season, as expected. Microsoft never gave specific reasons for the miss, but it was a major setback for a product that had already been five years in the works. Microsoft immediately reorganized the Platforms & Services Division division responsible for the delay, putting a new executive, Steve Sinofsky, in charge of Windows development

Privately, several sources familiar with Vista's development say that security concerns over Vista's security caused the widely publicized slip in the product's ship date.

 

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
Consumer group recommends iPhone 8 over anniversary model
 
LTE connections wherever you go and instant waking should come to regular PCs, too
 
That fiction is slowly becoming a reality
 
The Snapdragon 845 octa-core SoC includes the Snapdragon X20 LTE modem
 
Human moderators can help make YouTube a safer place for everyone
 
Google says Progressive Web Apps are the future of app-like webpages
 
All 2018 models to sport the 'notch'
 
The biggest exchange in South Korea, where the BTC/KRW pair is at $14,700 now
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
     12
3456789
10111213141516
17181920212223
24252627282930
31      




Poll

Do you use microSD card with your phone?
or leave your own version in comments (4)