Allchin Tries to Clear up the Confusion
I haven’t been reading other blogs that were covering the story where Jim Allchin Says Vista May Be Beyond Need for Antivirus, I know what he meant, but I guess some of the stories started saying that he said Windows Vista didn’t need antivirus software.
The point I had been trying to make (albeit unclearly) is that Windows Vista includes new security features that can dramatically help improve our customers? security for certain situations. I was asked a question about how I rated the protection provided by Windows XP with Service Pack 2 and whether or not it was still effective. I ended up telling a story about how the machine my seven-year-old son uses has no antivirus software installed because it runs in a very locked down configuration, which includes only being able to visit websites on an approved list (approved through the parental controls feature in Windows Vista). He also has no access to email or instant messaging and he doesn?t run as an administrator of the machine. In fact, parental controls in Windows Vista requires that the user you apply controls to is not running as an administrator. Email, phishing, and other social engineering attacks are definitely among the most prevalent attacks that home users experience today, and his machine has been locked down in these regards. Source: Windows Vista Team Blog
If you have a locked down machine, running as a user and not admin, all the latest patches, a firewall, and use good practices when browsing and reading email, you can probably get by without need antivirus or anti spyware, but would I recommend it? No, because you never know when someone is going to come out with the next killer piece of malware that will trash your machine.
I hope we can all run Windows someday without antivirus software, the way it should be, be there is always going to be somebody, some slack jaw looking to make a few bucks with his great piece of “software” that he just infected thousands of people with. No matter how good of security we end up with, the user is always going to be the wildcard; you just don’t know what they are going to do next.