via Gizmodo (http://uk.gizmodo.com/2008/11/04/microsoft_claims_thirdparty_ap.html)


It seems as though Microsoft's feelings have been hurt recently following more mickey-taking regarding its Vista operating system and the 'security holes' that have plagued both this and XP.

If its recent security report is to be believed though, it has good reason to feel aggrieved.

Looking at the evolution of threats and the origin of system vulnerabilities, Microsoft confirms findings from other security vendors that show hackers are attacking Vista through third-party applications and not the OS itself.

Though it admits that half of the biggest issues with XP are the fault of Internet Explorer, when it comes to Vista, the top-10 browser based vulnerabilities are caused by third-party applications such as RealPlayer, Apple's Quicktime (gotta sneak that one in) and various add-ons and toolbars.

This suggests that Vista is more secure than XP but the results may be affected by the fact that this other software is easier to exploit and therefore a more attractive target.

As to what will be done about it, Microsoft is claiming its trusted Internet Initiative, launched earlier this year, will help develop a more secure community of software, that is if it gets past whitepaper stage.

Well they are right... It was in fact safari that had the whole carpet bomb exploit.

However I don't think its 100% 3rd party programs fault. Because when a computer is DDOSed it is attacked directly. Meaning if a hacker can DDOS vista then Microsoft still needs to work on the security on their end.