Microsoft just published an interesting Windows Vista One Year Vulnerability Report.
I especially like this graph:
I mentioned a few days ago that Vista seems to have picked up at XP’s current level of stability. From this it looks like it’s done the same with security.
I think what’s remarkable is that they’ve accomplished this while increasing the amount of Windows code (because of new features). Normally more code creates more ways for it to fail and to get hacked, but the Vista team has done the opposite. That’s impressive.
For bonus points, read through the report’s comments (pretty fun on its own) and then read this response on the MS Software Development Lifecycle team blog.
I’ve been using Vista Business for about a year. I’ve had it on a secondary work machine since around May, and as my primary work machine since November. Overall, it’s quite nice.
But it’s definitely had its quirks, mostly with waking from standby or hibernation. I put a couple hotfixes on, and they definitely helped, but it still did have an occasional strangeness. That said, in almost a year’s time, I only remember needing to hard-reset it perhaps 3 times, and needing to reboot it maybe 5.
Now, I think that’s great, considering these machines belong to a tweaker like me (read: not a grandma or Mac-type user who doesn’t try new things). I’d say it’s comparable reliability to a current stable XP system. This is an important comparison — XP has been maturing since 2001, but Vista started out at the same level of reliability.
As an aside, I’ve had several non-technical folks ask me “is Vista as bad as they say?” and I’ve only been able to respond “as who says?” The only negative reviews I’ve seen were some journalists who must have put Vista on old hardware without current drivers. But IT professionals I’ve talked to who’ve used Vista for a while seem to like it.
So anyway, I still didn’t want that occasional quirk, so I tracked down hot-off-the-presses Service Pack 1, and applied it last night. It took about 45 minutes, and went flawlessly. Hooray for that, and hopefully it sails even smoother now…
In case anyone needs this, I found that this (quite batchable) command opens the XPSP2 Firewall appropriately so Symantec Management Console can push SAV licenses to workstations:
> netsh firewall set portopening TCP 2967 "Symantec AntiVirus Client Management" enable subnet
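A tighter variant of the command above, as an added example that is not part of the original post: it opens TCP 2967 only to the management server rather than to the whole local subnet, then checks that the exception is listed. The server address 192.0.2.10 is a placeholder, and the example assumes the console connects from a single fixed IP.

```batch
@echo off
rem Added example, not from the original post.
rem MGMT_SERVER is a placeholder (documentation address): set it to the
rem IP of the Symantec management server before use.
setlocal
set MGMT_SERVER=192.0.2.10
set RULE_NAME=Symantec AntiVirus Client Management

rem Same port opening as the one-liner above, but with scope=CUSTOM so only
rem the management server can reach TCP 2967, not every host on the subnet.
netsh firewall set portopening protocol=TCP port=2967 name="%RULE_NAME%" mode=ENABLE scope=CUSTOM addresses=%MGMT_SERVER%
if errorlevel 1 (
    echo Failed to set the port opening for TCP 2967
    exit /b 1
)

rem Confirm the exception now appears in the firewall configuration.
netsh firewall show portopening | find "2967" >nul
if errorlevel 1 (
    echo TCP 2967 is not listed after the change
    exit /b 1
)

echo TCP 2967 is open to %MGMT_SERVER% only
exit /b 0
```

If workstations are managed from more than one server, `addresses` accepts a comma-separated list.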