1 min read

Symantec Finds Flaws In Vista's Network Stack

Researchers with Symantec's advanced threat team said some of the flaws have been fixed, but they also claim that the rewrite of the networking code could cause problems.
Symantec's researchers also spelled out stability shortcomings in the stack, and spotted undocumented behaviors that "require some explanation" according to Friedrichs.

But although he made it clear that the Vista team seemed to be on top of bug fixes, he warned that it might be years before the stack's quality is ultimately determined. In addition, Microsoft's developers have only about four months to wrap up the operating system if they're to make the November deadline to corporations that the company's sworn to.

"In deciding to rewrite the stack, Microsoft has removed a large body of tried and tested code and replaced it with freshly written code, complete with new corner cases and defects," wrote Newsham and Hoagland in their paper. "Despite the claims of Microsoft developers, the Windows Vista network stack as it exists today is less stable than the earlier Windows XP stack."

Friedrichs backed up his researchers. "This stack is very very complex," he said. "It's going to be tough to flush out all the bugs."

The Symantec paper can be downloaded in PDF format from the Cupertino, Calif. company's Web site.