Report Casts Doubt on Vista’s Security Impact

An early review of the much-publicized security features due in Microsoft’s next-generation Windows Vista operating system concludes that the tools may be so unfriendly to users that they delay enterprises’ move to adopt the new product.

In a research report published May 8, analysts at Boston-based Yankee Group said that Microsoft’s latest attempt to better secure its dominant OS is significantly off the mark. Based on feedback garnered by the experts from a wide range of software developers already testing preview versions of Vista, Yankee Group said that the intrusive nature of the security features could turn off IT administrators and users alike.

While the researchers laud Microsoft’s efforts to reduce account privileges to slow the spread of malware, lock down holes in its Internet Explorer browser, improve network access controls and integrate anti-spyware and anti-phishing applications into Vista, the report concludes that the execution of some of those plans may encourage companies to take a wait-and-see approach with the OS.

Andy Jaquith, the analyst who authored the report for Yankee Group, said that many people already working with Vista feel that Microsoft’s security tools are unnecessarily repetitive and even patronizing, and interrupt the workflow of administrators to the extent it makes their jobs harder to perform.

Specifically, Jaquith, who tested a preview version of Vista released in December 2005, said that Microsoft’s incorporation of user accounts that strictly limit access privileges via its User Account Control feature will be “particularly problematic.”

Microsoft representatives didn’t immediately offer comment on the findings of the Yankee Group report, but confirmed that they had read its contents.

Read the rest of this eWEEK story: “Report Casts Doubt on Vista’s Security Impact”