14 DAY TRIAL // The weakest link in Windows Vista is the network protocol stack. This because, with Vista, Microsoft has rewritten the network protocol stack from the grounds up. Symantec's conclusions on the security advancements brought to the table by Windows Vista single out the network protocol stack. The bottom line is that the Cupertino-based security company considers that this is an aspect of the operating system that has not yet fully matured.
"Network protocol stacks typically require many years in production environments to mature. Full maturation is achieved by giving bugs ample time and opportunity to manifest themselves, even given the extensive testing and security design process implemented by Microsoft. During the development cycle, Symantec researchers discovered three remote denial-of-service conditions and three historic network attacks that worked successfully on public beta versions of the operating system," revealed Symantec in the Security Implications of Microsoft Windows Vista white paper.
According to Symantec, network vulnerabilities are inherent with Windows Vita due to the sheer volume of new code. The Cupertino based security company predicted that flaws will surface with the growing adoption of Vista. Additionally, Symantec informed that the firewall integrated by default in Vista shares the same security holes as the network protocol stack.
A flaw has already been detected in the Windows Firewall. "Symantec researchers have already identified the existence of one unexpected firewall exception caused by an oversight in the core Windows Vista firewall implementation," reads a fragment out of the Security Implications of Microsoft Windows Vista white paper.
Symantec pointed out that IPv6 and Teredo are the two protocols that stand out from the new networking protocols of the operating system. The enhanced risk and exposure comes from the fact that the majority of Vista hosts are remotely accessible through IPv6 and Teredo.