This week Jim Allchin wrote on the Vista Blog a rebuttal to claims that some of the most recent Windows attacks will also be security holes in Vista.
First off, for the record, I am a fan of Vista for security reasons – it makes it far more difficult for viruses to compromise the system. It’s definitely a step forward.
However, I am a bit surprised by Jim’s reluctance to admit that Vista is vulnerable to security holes just like XP. Sooner or later, Vista is going to be hit by a nasty virus or worm, despite the best that Jim’s team has been able to do so far. He should not be ashamed of this, it is going to happen, and Vista SP1 will fix a whole series of problems.
The one question I wanted to know which I haven’t seen answered yet, is if you take this same set of 10 attacks, how many will compromise a fully-patched XP system? I think the answer is zero? If so, it isn’t clear that this study proves any strength (or weakness) in Vista yet.