New tests show that Windows XP, coupled with the forthcoming Service Pack 3, performs twice as well as Vista with SP1. Devil Mountain Software discovered that a preview version of SP3 for Windows XP offered a 10 percent performance boost. The software development firm said that performance gains with SP1 for Vista were negligible.

However, slower speed is one issue, security is another. Considering the probability that more businesses will begin migrating to Vista in 2008, security analysts say that the security of Microsoft's latest operating system might be a larger problem than performance.

Vista Migration Mixed with Danger?

The release of Service Pack 1 for Windows Vista is likely to accelerate the adoption rate of Redmond's latest operating system and have a corresponding impact on the bottom lines of malware writers, who have largely continued to target Microsoft's earlier operating systems. According to McAfee, if professional malware authors begin to see an impact on their businesses as Vista becomes more popular, they might expand their efforts to find holes in the new operating system.

Of course, the antivirus firm added, that doesn't mean older threats to Windows XP will disappear. It was several years after the Java vulnerability named in Microsoft Security Bulletin M503-011 was patched before exploits targeting that vulnerability fell off the list of McAfee Avert Labs top 10 threats to consumers. The old threats will persist, McAfee warned, but a new crop is on its way.

The National Vulnerability Database reported 10 Vista vulnerabilities in the first nine months after the OS was released. This compares with 16 XP vulnerabilities during the same length of time. The number of reported Windows XP vulnerabilities more than doubled in the following 12 months. If history repeats itself, McAfee cautioned, businesses can expect far more than 20 Windows Vista vulnerabilities to be reported in 2008.

2008: A Year of Security Challenges?

The way iSight Partners' Director of Global Response Ken Dunham sees it, 2008 is a significant year for Windows Vista. On the business side, he noted, 2008 marks the year when many corporations will start to consider Vista seriously.

Dunham also said that 2008 presents new opportunities for hackers who are looking for corporate assets to attack while companies migrate to Vista. "Vista contains many new important security updates but is not invulnerable to attack," Dunham argued. "Hackers are actively looking for ways to exploit Vista, Internet Explorer 7, and other new features for maximum profit."

Of course, Vista isn't the only software system facing security threats. McAfee said there's a target on Web 2.0, online gaming, and instant messaging. "Threats are increasingly moving to the Web and migrating to newer technologies such as VoIP and instant messaging," Jeff Green, senior vice president of McAfee Avert Labs, said in a statement.

"Professional and organized criminals continue to drive a lot of the malicious activity," Green said. "As they become increasingly sophisticated, it is more important than ever to be aware and secure when traversing the Web."