Nemertes Impact Analysis

The Impact Analysis is a weekly quick-take on breaking IT news.
Nemertes provides expert insight on how recent IT news affects you.

Sign up to receive the Nemertes Impact Analysis or register for access to free web site content.

Vista Security Flaw: Terminal or Treatable? Preparation
is Key

Researchers from IBM/ISS (NYSE:IBM) and VMware (NYSE:VMW) announced a
potentially serious design flaw in Microsoft (NASDAQ:MSFT) Windows Vista OS.
Based on high-level data, the flaw is plausible and if determined to be real,
Microsoft will be faced with a potential redesign of Vista security.

Since there are more "unknowns" than "knowns," the best approach is to make
sure Computer Security Incident Response Teams (CSIRT) are prepped and ready to
take action. This is underscored by the fact that though 90% of participants in
Nemertes' Security and Information Protection benchmark have a CSIRT,
only 25% actually do drills against a well-defined plan.

Impacts:

Enterprises: Evaluate your CSIRT and prep them for a potential alert (or lack
of alert) from Microsoft.

Vendors: This flaw and associated exploit may not be Microsoft-exclusive.
Track developments closely.

Investors: It's too early to ring the alarm bell, but this could be a fatal
blow for Vista.

Ted Ritter, Research Analyst

http://www.nemertes.com/products_services/research/benchmarks/nemertes_benchmark_security_and_information_protection
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324395,00.html?asrc=SS_CLA_303569&psrc=CLT_14