News Stay informed about the latest enterprise technology news and product updates.

Stalled deployments lead to Windows Vista patch apathy

Security pros are disappointed that Microsoft's monthly security patches are increasingly for flaws in Windows Vista. But with Vista deployment plans on ice, IT admins are unfazed

Microsoft's monthly security patches have increasingly affected Windows Vista, prompting some vulnerability experts to warn against moving quickly to deploy the new operating system.

The fact remains that regardless of which operating system is used, vulnerabilities will be found and patches will have to be distributed.
Natalie Lambert,
senior analystForrester Research Inc.

Shavlik Technologies' Chief Technology Officer Eric Schultze urged companies in December to take Vista deployments slowly given the increased rate of flaws.

Many IT professionals are taking Schultze's advice, but not out of concern over vulnerabilities. Windows administrators say they're holding off on Vista because of ongoing compatibility issues and because they have little interest in ditching Windows XP SP2 in favor of the new operating system. As a result, they're shrugging off the increase in Vista patches.

"We're not looking at Vista anytime soon because it's much more demanding on the computer hardware than Windows XP," said Ken Pfeil, head of information security for the Americas Region at WestLB AG in New York. "Besides, I really didn't expect a large drop off in patches just because it's Vista. More functionality and features with Vista means the potential for a lot more to go wrong."

Microsoft Vista deployments:
Windows Vista UAC an oil slick for energy firm: Microsoft touts Windows Vista UAC as a needed layer of security. But Omar Ghneim, network administrator for EXCO Resources, says it's more disruptive than helpful.

College campuses prepare for Microsoft Windows Vista challenges: With new Vista machines coming to campus, the IT shops of academia have no choice but to embrace the latest Windows OS and its security implications.

Pfeil's view is shared by many of his peers. Omar Ghneim, network administrator at EXCO Resources Inc., a Dallas-based oil and natural gas company, is delaying the deployment of Vista in his enterprise until later this year or early 2009 because the company has instead decided to focus on some planned acquisitions for now. He has also expressed displeasure with Vista's User Account Control (UAC) function in recent interviews. But an increase in security patches is not something that would affect his plans one way or another, he said.

In a recent series on Vista deployment challenges, a majority of IT professionals were content to wait as long as possible before deploying Vista because of compatibility issues that had surfaced during early testing and a general satisfaction with the security and functionality of Windows XP SP2. A smaller number of IT shops were moving ahead with Vista deployments because they were getting extra assistance via Microsoft's Vista Technology Adoption Program (TAP).

But throughout the series, the potential rate of Vista security patches was a non-issue for most.

Natalie Lambert, a senior analyst with Cambridge, Mass.-based Forrester Research, said that's because most IT departments have a tried and true patching process in place that stretches for a week or more, with plenty of time built in for testing and tweaking. Most IT professionals expect to use the process on Vista as much as they have with past versions of Windows, she said.

"Patching has become part of everyday life for the operations group," she said. "The fact remains that regardless of which operating system is used, vulnerabilities will be found and patches will have to be distributed. Do I think that this increased number of patches is slowing adoption of Vista? No. Patching is not the driving factor."

Dig Deeper on Microsoft Windows security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.