Vista Stays on the Horizon

4:22 PM -- Microsoft Wednesday released a report stating that Windows Vista had fewer holes in its first year than other operating systems in their first year. But what does it mean to those responsible for securing their organizations' desktops? (See Microsoft: Vista Has Fewer Flaws Than Other First-Year OSes.)

I suspect not much. Personally, I don't know a single security person whose company has migrated all of its desktops to Vista. Sure, there are a few test groups -- power users or guinea pigs who want to see how it works in their environments -- but none of them speak of migrating yet. In fact, they’re anticipating Service Pack 3 for Windows XP.

Is security -- fear of new vulnerabilities -- what keeps companies from migrating to Vista? No. It’s the drastic changes in the new OS, such as User Access Control, and the fact that it breaks a lot of software and hardware.

When Windows guru Mark Minasi gave a presentation on Vista to us here at the University of Florida, the first thing he said was, "Vista breaks things." How many of the people sitting in that presentation do you think have migrated all of their desktops to Vista since then? They can be counted on one hand.

Service Pack 1 for Windows Vista is due out this quarter, but there is speculation it may show up within the next few weeks. Will SP1 be the turning point for organizations to move to Vista?

While I think it will definitely have an impact for some, it won’t cause the masses to come running. There are skeptics who avoid new operating systems until they’ve been "proven," but there are different definitions for that term. I’ve worked with individuals over the years who wouldn’t touch a new Microsoft desktop OS until its first service pack was released.

So, what will push users over the edge? Windows Server 2008’s release is more likely to have a positive impact on Vista adoption, because Server 2008 is built using the same core operating system as Vista. In an October presentation, a Microsoft official stated that Server 2008 would essentially be a server version of Vista, with all of the bits of SP1 included.

What’s holding your company back from Vista?

– John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading