The battle against malware rages on, but new weapons have been pushed to the front line. For Windows Vista, many new security features (as well as some updated ones) help to protect computer systems from past, present, and future malware threats of any class.
Vista includes many new features that help to thwart malware threats. Behind the actual making of the software was a major plan to shift the way Microsoft does business in the security sector. Now, making a secure, private, and reliable computing experience has become the company's top priority and has been dubbed Trustworthy Computing.
This article is excerpted from Vista for IT Security Professionals.
To preserve data confidentiality, integrity, and availability (CIA), Windows Vista brings a new level of confidence to computing through improved security, reliability, and management. It achieves this by establishing innovative engineering, applying best practices, and creating a system where the OS can be updated and maintained consistently to avoid intrusion or exploitation.
New features include:
Windows Service Hardening (WSH): Windows Service Hardening limits the amount of damage an attacker can do if a service is compromised.
Network Access Protection (NAP): Network Access Protection is used to prevent clients from connecting to the network if they are infected with malware.
Internet Explorer 7: Internet Explorer 7 comes with Windows Vista by default as the built-in Web browser. It includes many security enhancements that protect users from malware attacks such as phishing and spoofing, and it uses a new mode, called Protected Mode, to further secure the user's browsing experience.
Updated Windows Firewall: The new outbound filtering feature in the personal firewall helps to apply more granular control over traffic traversing it.
User Account Control (UAC): This feature will allow a user to change computer settings while running as a standard user, instead of requiring administrator privileges to perform most tasks.
Windows Defender: The Windows Defender utility detects malware on your system and, when used in conjunction with SpyNet, can help to eliminate most spyware attacks and exploits.
Other features within Vista also help to secure the system; the ones listed here relate to the battle against malware.
Windows Service Hardening (WSH)
For a long time, malware seemed to be connected to Windows-based services. Because Windows services have always been an open door for malware creators, Microsoft took steps to ensure that this doesn't continue to be a problem. In the past, there has been a major issue with the number of critical services running as System, which basically gave an open door to anyone who could bypass the minimal security in place.
The Sasser, Blaster, Slammer, and Code Red exploits targeted unprotected and easily exploited services. WSH is a new service released with Microsoft Vista that allows you to harden the security posture of your host system. It's not realistic to leave a PC powered down and not in use, because this goes against what a computer was originally designed to do, which is to help you be more productive. The computer was not meant to act as a 150-pound paperweight. Microsoft has raised the bar on system service hardening by releasing WSH.
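To see how much of a host's service footprint still runs as System, the following audit lists service accounts and, for each running LocalSystem service, whether it has a per-service SID (one of the isolation mechanisms WSH introduced). This is an added example, not code from the book; it assumes Windows PowerShell 2.0 or later on Windows Vista or newer, and the output column names are chosen here for illustration.

```powershell
# Added example: audit which services run as System on the local host.
# Assumes Windows PowerShell (Get-WmiObject) and sc.exe on Vista or newer.

$services = Get-WmiObject -Class Win32_Service |
    Select-Object Name, DisplayName, State, StartMode, StartName

# Summary: number of services per logon account (LocalSystem,
# NT AUTHORITY\LocalService, NT AUTHORITY\NetworkService, named accounts).
$services |
    Group-Object -Property StartName |
    Sort-Object -Property Count -Descending |
    Format-Table -AutoSize Count, Name

# Running services that hold full System rights: the population
# the article describes as the historical problem.
$asSystem = $services | Where-Object {
    $_.StartName -eq 'LocalSystem' -and $_.State -eq 'Running'
}

# For each one, ask the Service Control Manager for its service SID type.
# NONE means the service has no per-service SID, so resources cannot be
# ACLed to that service alone; UNRESTRICTED or RESTRICTED means it does.
$report = foreach ($svc in $asSystem) {
    $line = & sc.exe qsidtype $svc.Name 2>$null |
        Where-Object { $_ -match 'SERVICE_SID_TYPE' }
    $sidType = if ($line) { ($line -split ':', 2)[1].Trim() } else { 'UNKNOWN' }

    New-Object PSObject -Property @{
        Name        = $svc.Name
        StartMode   = $svc.StartMode
        SidType     = $sidType
        DisplayName = $svc.DisplayName
    }
}

# Services with SidType NONE sort first: System rights, no per-service SID.
$report |
    Sort-Object -Property SidType, Name |
    Format-Table -AutoSize Name, StartMode, SidType, DisplayName
```

Run it from an elevated prompt so that sc.exe can query every service; entries reported as UNKNOWN are services the query could not read.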