Vista's UAC has a security feature that marks it out from any other type of Windows security program -- it can spot rootkits before they install. This is one finding buried in a report published in two German computer magazines some months ago after testing by the respected AV-Test.org, which set out to find out how well antivirus programs fared against known rootkits.
The answer: not particularly well ... either for Windows XP, or Vista-oriented products.
Of 30 rootkits thrown at XP anti-malware scanners, none of the seven AV suites found all 30, a similar story to the six web-based scanners assessed. Only four of the 14 specialized anti-rootkit tools managed a perfect score. For Vista, only six rootkits could run on the OS, but the testers had to turn off UAC to get even this far. Vista's UAC itself spotted everything thrown in front of it.
In a period of where Vista has received criticism, Microsoft's programmers can at least point to evidence that UAC is efficient at stopping infections from happening automatically.
71 Comments - Add comment