Windows Vista may be hailed as Microsoft's most secure operating system to date, but the platform contains weaknesses in its default anti-malware capabilities, one security vendor has concluded.
Research conducted by Boulder, Colo.-based Webroot Software showed "ineffective blocking capabilities in Windows Defender, slow definition updates and weak anti-virus capabilities in the default anti-spyware and anti-virus components" of Vista.
According to Webroot research, Windows Defender – a free anti-spyware program – failed to block 84 percent of 15 of the most common spyware and malware variants. In addition, Vista was slow to update spyware signatures, releasing an update for Windows Defender every week to 10 days, whereas some vendors release daily modifications.
"We applaud Microsoft for the substantive improvements and exciting new features offered in Windows Vista," said Gerhard Eschelbeck, CTO and senior vice president of engineering at Webroot. "However, we want to make sure that users understand the Vista operating system’s limitations, and caution them that Microsoft’s default malware-blocking applications and anti-virus programs may not fully protect them."
A Microsoft spokesman said the company believes Windows Defender will lead to increased safety, but users should not solely rely on it.
"While Windows Vista was engineered to be the most secure version of Windows yet, it is important to note that no operating system is 100-percent secure," the Microsoft spokesman said. "It has been Microsoft’s recommendation for all versions of Windows that users employ a defense-in-depth strategy to be more secure by keeping their software up to date, using a firewall, and installing an anti-virus and anti-spyware program, whether a Microsoft or third-party solution."
Last summer, Microsoft released Windows Live OneCare, billed as a simple all-in-one security blanket for PCs. The product includes anti-virus and anti-spyware protection, a two-way firewall, automatic updates, computer maintenance functions and file backup and recovery capabilities.
Click here to email reporter Dan Kaplan.