14 DAY TRIAL // When Windows Vista became commercially available on January 30, 2007, the operating system also stepped into the slaughter house. As the adoption rate of Windows Vista will increase, and as the operating system will switch places with Windows XP and become the dominant presence on the market, the operating system will also grow to the most sought after item of prey on the desktop.
Security company Symantec has used its crystal ball and looked into the future of Windows Vista. "The release of an operating system that is expected to be widely adopted will likely have a significant effect on the security landscape," stated Symantec. The Cupertino-based security outfit did underline the fact that its predictions associated with the evolution of the threat landscape are speculative in nature. Discussing the emerging threats and issues that will become standard over the next couple of years, Symantec could not stay away from mentioning Windows Vista.
According to the Cupertino-based company, Windows vista will face attacks on three different fronts: vulnerabilities, malicious code and the Teredo protocol. Symantec has little faith in the success rate of the Security Development Lifecycle, considering that it did not make Vista foolproof and that in turn will cause vulnerabilities to be extremely subtle. Additionally, while mitigation technologies, including address space layout randomization (ASLR), GS, and data execution prevention (DEP) will help reduce the exploitation level of certain vulnerabilities, the attack techniques will be adapted to circumvent them.
Symantec has also warned that Windows Vista is by no means immune to legacy threats, and that as such, security solutions are a must for the operating system. "Teredo is a protocol developed by Microsoft to enable the transition between versions of Internet protocol (IP), one of the protocols underlying all Internet-based communications. Teredo is enabled by default in Windows Vista. Computers using Windows Vista can easily be identified through Teredo. Attacks sent over Teredo will often bypass organizations' network security controls since the protocol is tunneled through network address translation (NAT) over an IPv4 UDP connection. Many security products don't support Teredo and thus would not inspect it. This could make Windows Vista susceptible to attacks through Teredo," Symantec added.