Symantec offers mixed grades for Vista security

Symantec published a series of four research reports on Feb 28 that critique various security elements of Microsoft's new Windows Vista operating system, including the software's ability to ward off existing malware threats.

Unsurprisingly, the security software maker, which still derives the bulk of its revenues from the estimated US$3.6 billion market for technologies used to defend Windows computers, found a fair number of shortcomings in the latest iteration of Microsoft's dominant OS.

One of the biggest problems is that Vista remains vulnerable to existing malware attacks designed to take advantage of flaws in earlier versions of the OS, according to the reports. However, the Cupertino, Calif.-based antivirus market leader also highlighted a number of features built into the product that it said will advance end-user security.

An area where Symantec researchers said Microsoft has greatly improved security is related to the mitigation of virus attacks aimed at code-level vulnerabilities.

Previous versions of Windows have been shipped with scads of coding errors that allowed hackers to deliver malware threats, but work on the part of Microsoft -- such as through its Security Development Lifecycle program -- has helped lower the volume of available vulnerabilities, according to the reports.

The immediate benefit to Vista users will be the reduction of threats that use common infection techniques like buffer overflows and heap manipulations to deliver their payloads, Symantec predicted.