Before we get into how Microsofts new products can help you reduce the threat of malware, it makes sense to discuss prevention and response first.
As mentioned earlier, staying secure is a two-step dance. You need good software that protects you, and the mindset to protect your surfing habits. Protecting systems and networks from the damage caused by Trojans, viruses, and worms is mostly a matter of common sense. Its up to you to prevent harm by being aware of it, and then being able to respond to it and make the systems (or network) operational without any downtime, if possible.
Although there are many ways to protect yourself and your system using Microsofts tools, it always helps to practice some of the following general security practices as well:
Periodically update every piece of software you install on your system, as well as the OS itself, which also needs to be updated periodically. You can do this by installing the latest updates, hotfixes, security patches, and SPs that are available for your software. Keep on top of when new patches come out, and try to test and then install the current patches to keep your system at its best.
This article is excerpted from Vista for IT Security Professionals. To order this book, please visit Syngress.
When using your e-mail client, pay close attention to who is sending you e-mail and where the e-mail originates. Because e-mail can be spoofed, you may not always be able to do this, but in most cases, a spam filter can quickly identify unspoofed e-mail and send it right to the trash or automatically remove it.
If you receive files from sources that you do not recognize, its wise not to execute them. Instead, delete them. In other words, if someone sends you a file such as harmless.jpg.exe, its a good idea to delete the file and not execute it because it seems to fall into the characteristic of a typical malware hoax intended on getting you to launch it.
When using your e-mail client, make sure you turn off any preview pane functionality so that you do not open and, therefore, execute any attached scripts simply by opening your Inbox.
To prevent macro viruses, ensure that macro security is enabled in Office so that if you open a Word document, you wont necessarily run a malicious script that may also be contained within it.
Do not use floppy disks from untrusted sources. Also, pay attention to any file that enters your system from any source, whether it is a CD or DVD-ROM, USB flash device, or something similar.
Use host-based instruction detection/prevention (IDS/IPS) software if possible, as well as firewall software, antivirus software, and spyware removal software such as Microsoft Defender.
Harden your systems and disable unneeded or unwanted services.
Use a strong password policy. If malware does attempt to try to steal your credentials, having a strong password policy in place will help you if your system does become infected.