Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Windows Vista RIP - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Windows Vista RIP

Microsoft Windows Vista was your full name. Internally you identified yourself as windows 6.0. Most would call you simply Vista. You were never liked all that much. In part this was due to your security inspired nanny attitude. Despite that, you carried a lot of essential and long overdue security improvements. Improvement which allowed e.g. the practical removal of administrator rights without impacting the users of software written under the false presumption that users should have administrative rights.

The market has rejected you and killed you off. Your last copies went over the counter in October 2011 according to your maker. And finally, today that same maker buries you too: Microsoft is stopping support for Windows Vista today.

There is some hope that consumer rights groups will fight such a short lifespan of support and patches (e.g. in Europe there 's a mandatory 2 year warranty requirement for products sold to consumers), but overall and for all practical purposes, you're about to be forgotten by all but a handful who'll send significant donations to your maker.

So you will nonetheless live on for a while -for a maximum of 5 more years- through extended support as well as through your technically very closely related sibling Windows 7 (which identifies itself internally as windows 6.1 in a sort of tribute to you), and which was given a bit better of an education on how to interact with the public by the maker's marketing department.

Still those that have you will now have to decide to bury you in the trashcan or pay for extended support.

http://windows.microsoft.com/en-US/windows/products/lifecycle

P.S.:
- Hat Tip: Rene
- I hope this doesn't offend any of our readers. it's only meant to be a bit sarcastic and to lighten up the rainy day a bit.

--
Swa Frantzen -- Section 66

Swa

760 Posts
Ah Vista, you were such a big step forward from XP as far as security is concerned and yet you had so many nagging prompts that sadly the majority of users just gave up and turned off UAC. Thank goodness that your younger brother 7 learned from your foibles and made good on the promise you showed initially. You will be remembered fondly by me for your contributions, but you were sent out into the world before you were ready and you didn't stand a chance. Rest in peace, bits and bytes.
Anonymous
A lesson in User Interface design, I think. Under the covers, awesome things were promised and delivered, but poor performance overall and clumsy messaging left a bad taste in so many mouths.
Eli

9 Posts
Vista Vista, hate to see you leave but love to see you go. On to the next great Microsoft thing. Windows 8
Eli
1 Posts
Note that Extended Support includes free security updates, so Vista will continue to receive patches until 2017. It's non-security updates that you have to pay for.

I will not miss Vista myself.
Eli
8 Posts
Good riddance....a dreadful OS
James

32 Posts
Humor does lighten the day! Thank you for this!
James
6 Posts
As the less subjective earlier post suggests, it'll still get security patches thru '17.
Dean

135 Posts
Buried under the UAC annoyance; we also saw the declaration that installed software files/directories must be separated from working user data files, with the appropriate directory privileges. Of course this this annoyed sw vendors, but another good practice MS mandated.
dave

21 Posts
dsh: yes: there should still be (some) security patches for Vista. BUT since the vast majority of customers will be unable to open even a mere support ticket, the odds of getting security problems only present in Vista (or older) taken note off or acted upon by Microsoft diminishes from today on significantly. So regardless of the possibility to get security fixes for security problems also in Windows 7 and more recent for the next 5 years, I still classify running unsupported OSes as a risk - a relatively easy to avoid risk in fact.
Swa

760 Posts
I think it is probably deserved as was Windows ME to put it out of its misery before it was due. Thanks!

Matthew,
http://mjddesign.wordpress.com
Matthew

15 Posts
I have it, using it right now. I do hope some scream loudly and get it's mainline support extended. If they have to in EU, they should do same for everyone.

The UAC was a pain to get used to, but I get just as much nagging out of Win7. Win7 is quicker, but also requires more ram. In this economy, I do not see forcing us to 7 a good move, except to stimulate their and manufactures bottom lines. This has cost them before. And I sure do not see Win8 as being that great, more of a pain than Vista. Metro blows IMHO.
Greg

25 Posts
>> the odds of getting security problems only present in Vista (or older) taken note of or acted upon by Microsoft diminishes from today on significantly.

I disagree. If the issue is reported to Microsoft, then their "response-team" needs to verify which of XP/Vista/7/8 need a security-update, no matter against which OS the issue is reported. It would violate their product-lifecycle policy if they were to say "we confirm to be a bug in XP, but we are going to fix it only in 8".
Anonymous
The Microsoft website suggests that non-commercial customers will no longer receive security updates either.

Selected words from http://windows.microsoft.com/en-US/windows/products/lifecycle:

"Without Microsoft support, you will no longer receive security updates"

"End of mainstream support" (Vista, April 10, 2012)

"What is the difference between mainstream support and extended support?"
"Please note: Extended support is only available for commercial customers."

Please let me know if I am wrong!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!