Information about Windows Vista (The Security)
By megeek
United States
January 1, 2007 8:51am CST
Windows Vista Security is much improved over Windows XP. With DEP, BitLocker, and Kernel Patch Protection, Vista is by far leading in its attempts to become the safest Operating System yet.
Note: I refuse to call Vista the safest Operating System ever because it has not been placed out on the net to be attacked, poked and prodded as XP and 2000 have. Typically the previous version of the OS is the safest because of patch releases, etc.
-DEP-
Data Execution Prevention (DEP) is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. The primary benefit of DEP is to help prevent code execution from data pages. Typically, code is not executed from the default heap and the stack. Hardware-enforced DEP detects code that is running from these locations and raises an exception when execution occurs. Software-enforced DEP can help prevent malicious code from taking advantage of exception-handling mechanisms in Windows.
-BitLocker Data Encryption Technology-
Microsoft BitLocker Drive Encryption is a data-protection feature that will be available in Microsoft Windows Vista Enterprise and Ultimate for client computers and in Microsoft Windows Server code name "Longhorn." BitLocker is the Microsoft response to a frequent customer request to address the very real threats of data theft or exposure from lost, stolen, or inappropriately decommissioned PC hardware with a tightly integrated solution in the Windows operating system.
BitLocker prevents a thief who boots another operating system or runs a software hacking tool from breaking Windows Vista file and system protections or performing offline viewing of the files that are stored on the protected drive.
BitLocker enhances data protection by bringing together two major subfunctions: full drive encryption and the integrity checking of early boot components.
Drive encryption protects data by preventing unauthorized users from breaking Windows file and system protection on lost or stolen computers. This protection is achieved by encrypting the entire Windows volume. With BitLocker all user and system files are encrypted, including the swap and hibernation files.
-Kernel Patch Protection-
Kernel patching is the practice of using internal system calls and other unsupported mechanisms to modify or replace code or critical structures in the kernel of the Microsoft Windows operating system with unknown code or data. "Unknown code or data" is any code or data that is not provided by Microsoft as part of the Windows kernel.
Patching fundamentally violates the integrity of the Windows kernel by replacing actual kernel code with unknown third-party code. As a result, patching introduces problems in three primary areas: reliability, performance and, most importantly, security.
Reliability. The Windows kernel is tested extensively before any release of the operating system to ensure a high level of quality. Because patching replaces kernel code with unknown, untested code, there is no way to assess the quality or impact of the third-party code. Furthermore, kernel code is by its nature complex and critical to system stability, so bugs in unknown code can have a significant negative impact on system stability. An examination of Online Crash Analysis (OCA) data at Microsoft shows that system crashes commonly result from both malicious and non-malicious software that patches the kernel.
Performance. Kernel performance is critical to the overall performance of the operating system. When low-level system calls are intercepted and unknown code is executed before control returns to the kernel, performance becomes unpredictable. Poorly designed unknown code can cause significant performance issues for Windows users.
Security. Patching results in unknown code executing in kernel mode, so it is increasingly an avenue of attack by malicious software.
Kernel Patch Protection prevents the patching of the kernel, making the system safer, more reliable, and faster. However, Kernel Patch Protection is only available in the 64-bit version of Windows Vista.
-User Account Control-
User Account Control in Windows Vista improves the safety and security of your computer by giving you the ability to decide if certain potentially dangerous software is allowed to make changes to your computer. It works with Windows Defender and Internet Explorer to help reduce the impact of viruses, spyware, and other threats. With User Account Control and the new Parental Controls in Windows Vista, you can easily create a separate account for each member of the family and control which websites, programs, and games each person can use and install. This helps protect your family and keeps your computer running smoothly.
For people who have installed a version of Microsoft Windows earlier than Microsoft Windows Vista on their computers, the majority of user accounts are configured as a member of the local administrator's group, because administrator privileges are required to install, update, and run many software applications without conflicts and to perform typical system-level tasks. Even the simplest operation, such as clicking the taskbar clock to view a calendar, requires administrator privileges.
Granting end-users administrative privileges makes individual computers and networks vulnerable to malware and increases total cost of ownership because users can make unapproved system changes.
With User Account Control, IT administrators or even home users can run most applications, components and processes with a limited privilege, but have "elevation potential" for specific administrative tasks and application functions.
Conversely, when users encounter a system task that requires administrator privileges, such as attempting to install an application, Windows Vista will notify the user and require administrator authorization. This type of prompting helps ensure that users do not accidentally make modifications to their desktops. It also helps eliminate the ability for malware to invoke administrator privileges without a user's knowledge.
-Windows Defender-
Windows Defender is an application that helps you stay productive by protecting your computer against pop-up windows, slow performance, and security threats caused by spyware and other potentially unwanted software. The application provides advanced system scanning and spyware removal technologies that simplify the removal of spyware existing on a system. Real-time protection helps prevent new spyware from installing while a streamlined alert mechanism minimizes interruptions. To help you make informed removal decisions, Microsoft analysts provide relevant information and guidance with each alert. From installation to maintenance, Windows Defender is easy to use and comes with pre-configured settings designed to help ensure security.
Windows Defender is integrated into Windows Vista, and is also available for Windows XP.
This information has been compiled from multiple sources, including but not limited to the Microsoft Windows Vista website at www.windowsvista.com.
Please leave a message if you have any questions about this topic. I will be posting several other discussions on the features, networking, Internet Explorer 7, and performance of Windows Vista.
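The behaviour the DEP section describes, as an added example that is not part of the original post: a page that holds data is not executable, and calling into it faults until the page is explicitly marked executable. It uses the POSIX mmap/mprotect calls on Linux as a stand-in, since hardware-enforced DEP relies on the same no-execute page bit; on Windows the corresponding calls are VirtualAlloc/VirtualProtect and the fault surfaces as an access-violation exception. Assumptions: x86-64 or AArch64 Linux, a constructed one-instruction stub, and the hypothetical helper name `run_stub`.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* One "return" instruction for the build architecture (constructed stub). */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char RET_STUB[] = { 0xC3 };
#elif defined(__aarch64__)
static const unsigned char RET_STUB[] = { 0xC0, 0x03, 0x5F, 0xD6 };
#else
#error "add a return stub for this architecture"
#endif

/* Copy the stub into a fresh read/write page, optionally switch the page to
 * read/execute, then call it in a child process so a fault cannot kill us.
 * Returns 0 if the stub ran, 1 if the child was killed by a fault, -1 on error. */
int run_stub(int make_executable) {
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    memcpy(page, RET_STUB, sizeof RET_STUB);
    if (make_executable) {
        if (mprotect(page, len, PROT_READ | PROT_EXEC) != 0) return -1;
        __builtin___clear_cache((char *)page, (char *)page + sizeof RET_STUB);
    }
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                      /* child: may die on the call below */
        void (*fn)(void);
        signal(SIGSEGV, SIG_DFL);        /* make sure the fault is fatal */
        memcpy(&fn, &page, sizeof fn);   /* data pointer -> function pointer */
        fn();
        _exit(0);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    munmap(page, len);
    return WIFSIGNALED(status) ? 1 : 0;
}

int main(void) {
    printf("rw page faulted: %d, rx page faulted: %d\n", run_stub(0), run_stub(1));
    return 0;
}
```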