14 DAY TRIAL // Talk about the ultimate clean start... Windows Vista will be nothing short of immaculate following the release of the first service pack next year. Microsoft promised to purify the operating system of vulnerabilities with SP1. This is of course an integer part of the Redmond company Secure Development Lifecycle process that produced Windows Vista in the first place. And as far as Microsoft is concerned, Vista is a success in terms of security. The company has targeted from the get go half the number of security flaws compared to Windows XP and according to its own calculations, it delivered on the forecast. In this context, Microsoft continues to beat the old drum of Vista as the most secure Windows operating system on the market. And this marketing strategy does not indicate signs of changing after the release of SP1 in the first quarter of 2008.
"We can know from a recent vulnerability reports comparison that Windows Vista had 50 percent fewer critical vulnerabilities than XP SP2 and far fewer critical vulnerabilities than other competing operating systems in their first respective 180 days after release. We have addressed any known vulnerabilities in the appropriate manner and those changes will be in Windows Vista SP1 as well. At the same time, we are always looking at the proactive work we can do to improve the product before we receive reports of potential vulnerabilities. We have invested significantly in tools, training and techniques to improve the security of our software. We are constantly looking for and learning about new means of improving security, as well as new ways software is being pushed by those wishing to do harm. Using these learnings, we improve our tools, which we then use to analyze and proactively continue to harden Windows Vista," commented Jon DeVaan, Senior Vice President of the Windows Core Operating System division at Microsoft.
One of the additions introduced to Vista via SP1 will be Secure Development Lifecycle process updates. This is the cleansing that I was talking about at the beginning. The updates are designed to scrap code patterns associated with the security vulnerabilities that have impacted Windows Vista this far in order to avoid a repeat. "Windows Vista SP1 will contain a significant number of code changes focused on the ongoing work to continue making Windows Vista the most secure operating system available. We are being proactive -- these code changes do not represent vulnerabilities, rather they are coding practices that we continue to hone and improve in the ongoing race against escalating and evolving security threats," DeVaan added.