Security And Safety Features New To Windows Vista

by Urban Mixer
User Account Control
Main article: User Account Control
User Account Control is a new infrastructure that requires user consent before allowing any action that requires administrative privileges. With this feature, all users, including users with administrative privileges, run in a standard user mode by default, since most applications do not require higher privileges. When some action is attempted that needs administrative privileges, such as installing new software or changing system settings, Windows will prompt the user whether to allow the action or not. If the user chooses to allow, the process initiating the action is elevated to a higher privilege context to continue. While standard users need to enter a username and password of an administrative account to get a process elevated (Over-the-shoulder Credentials), an administrator can choose to be prompted just for consent or ask for credentials.
UAC asks for credentials in a Secure Desktop mode, where the entire screen is faded out and temporarily disabled, to present only the elevation UI. This is to prevent spoofing of the UI or the mouse by the application requesting elevation. If the application requesting elevation does not have focus before the switch to Secure Desktop occurs, then its taskbar icon blinks, and when focused, the elevation UI is presented (however, it is not possible to prevent a malicious application from silently obtaining the focus).
Since the Secure Desktop allows only highest privilege System applications to run, no user mode application can present its dialog boxes on that desktop, so any prompt for elevation consent can be safely assumed to be genuine. Additionally, this can also help protect against shatter attacks, which intercept Windows inter-process messages to run malicious code or spoof the user interface, by preventing unauthorized processes from sending messages to high privilege processes. Any process that wants to send a message to a high privilege process must get itself elevated to the higher privilege context, via UAC.
Applications written with the assumption that the user will be running with administrator privileges experienced problems in earlier versions of Windows when run from limited user accounts, often because they attempted to write to machine-wide or system directories (such as Program Files) or registry keys (notably HKLM). UAC attempts to alleviate this using File and Registry Virtualization, which redirects writes (and subsequent reads) to a per-user location within the user profile. For example, if an application attempts to write to C:\Program Files\appname\settings.ini and the user doesn't have permission to write to that directory, the write will get redirected to C:\Users\username\AppData\Local\VirtualStore\Program Files\appname.
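The redirection rule described above can be modelled in a few lines. The following is an added example, not Microsoft's code: it maps a write under a protected root to the per-user VirtualStore location, maps HKLM\SOFTWARE writes to the corresponding VirtualStore key, and uses an in-memory stand-in for the file system to show that a later read by the same user finds the redirected copy first. The protected-root list, the registry prefix, and the user name "alice" are assumptions made for the example; real Windows applies further conditions (only legacy processes without a manifest are virtualized, and some file extensions are exempt).

```python
"""Model of UAC File and Registry Virtualization (added example, not Windows code)."""
from pathlib import PureWindowsPath

# Machine-wide roots whose writes are redirected for a virtualized process.
# Assumed list for this example; Windows has its own set and exemptions.
PROTECTED_ROOTS = [
    PureWindowsPath(r"C:\Program Files"),
    PureWindowsPath(r"C:\Program Files (x86)"),
    PureWindowsPath(r"C:\Windows"),
]

# Assumed registry redirect (HKLM\SOFTWARE -> per-user VirtualStore key).
HKLM_SOFTWARE = r"HKEY_LOCAL_MACHINE\SOFTWARE"
HKCU_VIRTUAL_STORE = r"HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\SOFTWARE"


def virtual_store(user: str) -> PureWindowsPath:
    """Per-user VirtualStore root inside the user profile."""
    return PureWindowsPath(rf"C:\Users\{user}\AppData\Local\VirtualStore")


def virtualize_write(path: str, user: str) -> str:
    """Return where a write to `path` lands for a virtualized process.

    Paths under a protected root keep their tail below the drive letter,
    e.g. C:\\Program Files\\app\\x.ini -> ...\\VirtualStore\\Program Files\\app\\x.ini.
    Paths elsewhere are written in place.
    """
    target = PureWindowsPath(path)
    for root in PROTECTED_ROOTS:
        try:
            rel = target.relative_to(root)
        except ValueError:
            continue
        return str(virtual_store(user) / root.relative_to(root.anchor) / rel)
    return str(target)


def virtualize_registry_write(key: str) -> str:
    """Redirect a write under HKLM\\SOFTWARE to the per-user VirtualStore key."""
    upper = key.upper()
    if upper == HKLM_SOFTWARE or upper.startswith(HKLM_SOFTWARE + "\\"):
        return HKCU_VIRTUAL_STORE + key[len(HKLM_SOFTWARE):]
    return key


class VirtualizedFs:
    """In-memory stand-in for the file system (constructed for this example)."""

    def __init__(self, user: str):
        self.user = user
        self.files = {}  # case-folded path -> content

    def write(self, path: str, data: str, virtualized: bool = True) -> str:
        # An elevated (non-virtualized) process writes to the real location.
        dest = virtualize_write(path, self.user) if virtualized else path
        self.files[dest.lower()] = data
        return dest

    def read(self, path: str) -> str:
        # Subsequent reads consult the VirtualStore copy first, then the real path.
        for candidate in (virtualize_write(path, self.user), path):
            if candidate.lower() in self.files:
                return self.files[candidate.lower()]
        raise FileNotFoundError(path)


if __name__ == "__main__":
    fs = VirtualizedFs("alice")
    print(fs.write(r"C:\Program Files\appname\settings.ini", "x=1"))
    print(fs.read(r"C:\Program Files\appname\settings.ini"))
    print(virtualize_registry_write(r"HKEY_LOCAL_MACHINE\SOFTWARE\appname"))
```

The point worth noticing from the model is the one that bites administrators in practice: a user who later runs the same program elevated reads the real file, not the VirtualStore copy, so the "settings that disappeared" are sitting under the user's profile.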
Bitlocker Drive Encryption
Main article: BitLocker Drive Encryption
Formerly known as “Secure Startup”, this feature offers full disk encryption for the system volume. Using the BitLocker command-line utility, it is possible to encrypt additional volumes. BitLocker utilizes a USB key or Trusted Platform Module (compliant with version 1.2 of the TCG specifications) to store its encryption key. It ensures that the computer running Windows Vista starts in a known-good state, and it also protects data from unauthorized access. Data on the volume is encrypted with a Full Volume Encryption Key (FVEK), which is further encrypted with a Volume Master Key (VMK) and stored on the disk itself.
Windows Firewall
Main article: Windows Firewall
Windows Vista significantly improves the firewall to address a number of concerns around the flexibility of Windows Firewall in a corporate environment:
IPv6 connection filtering
Outbound packet filtering, reflecting increasing concerns about spyware and viruses that attempt to “phone home”.
With the advanced packet filter, rules can also be specified for source and destination IP addresses and port ranges.
Rules can be configured for services by service name, chosen from a list, without needing to specify the full path file name.
IPsec is fully integrated, allowing connections to be allowed or denied based on security certificates, Kerberos authentication, etc. Encryption can also be required for any kind of connection. A connection security rule can be created using a wizard that handles the complex configuration of IPsec policies on the machine. Windows Firewall can allow traffic based on whether the traffic is secured by IPsec.
A new management console snap-in named Windows Firewall with Advanced Security provides access to many advanced options, including IPsec configuration, and enables remote administration.
Ability to have separate firewall profiles for when computers are domain-joined or connected to a private or public network. Support for the creation of rules for enforcing server and domain isolation policies.
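To make the list above concrete, here is an added example (not Windows Firewall's own code) of a small rule evaluator that exercises the features the list names: IPv6 and IPv4 address matching, outbound filtering, port ranges, service-name rules and per-profile rules. The precedence model it assumes is the one Windows Firewall with Advanced Security documents: an explicit block rule wins over an allow rule, and if nothing matches the default is block for inbound and allow for outbound traffic. The sample rules, the address ranges (documentation ranges) and the packet records are constructed for the example.

```python
"""Toy evaluator for Windows Firewall-style rules (added example, not Windows code)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

ALL_PROFILES = frozenset({"domain", "private", "public"})


@dataclass
class Packet:
    """One connection attempt as seen by the host firewall (constructed sample data)."""
    direction: str          # "in" or "out"
    protocol: str           # "tcp" or "udp"
    remote_addr: str        # IPv4 or IPv6 literal
    remote_port: int
    local_port: int
    profile: str            # "domain", "private" or "public"
    service: Optional[str] = None   # short service name owning the socket, if any


@dataclass
class Rule:
    name: str
    direction: str
    action: str                               # "allow" or "block"
    protocol: str = "any"
    remote_nets: Tuple[str, ...] = ()         # CIDR strings; empty means any address
    remote_ports: Tuple[Tuple[int, int], ...] = ()   # inclusive ranges; empty means any
    local_ports: Tuple[Tuple[int, int], ...] = ()
    profiles: frozenset = ALL_PROFILES
    service: Optional[str] = None             # match by service name, not by path

    def matches(self, p: Packet) -> bool:
        if self.direction != p.direction or p.profile not in self.profiles:
            return False
        if self.protocol != "any" and self.protocol != p.protocol:
            return False
        if self.service is not None and self.service != p.service:
            return False
        if self.remote_nets:
            addr = ipaddress.ip_address(p.remote_addr)
            # `addr in net` is False when the IP versions differ, so v4 and v6
            # networks can be mixed freely in one rule.
            if not any(addr in ipaddress.ip_network(n, strict=False) for n in self.remote_nets):
                return False
        return _port_ok(self.remote_ports, p.remote_port) and _port_ok(self.local_ports, p.local_port)


def _port_ok(ranges, port: int) -> bool:
    return not ranges or any(lo <= port <= hi for lo, hi in ranges)


def evaluate(rules, p: Packet) -> str:
    """Block rules beat allow rules; otherwise the default policy per direction applies."""
    hits = [r for r in rules if r.matches(p)]
    if any(r.action == "block" for r in hits):
        return "block"
    if any(r.action == "allow" for r in hits):
        return "allow"
    return "block" if p.direction == "in" else "allow"


# Constructed sample policy.
SAMPLE_RULES = [
    # Outbound filter for a "phone home" destination, IPv4 and IPv6 in one rule.
    Rule("Block phone-home", "out", "block", remote_nets=("203.0.113.0/24", "2001:db8::/32")),
    # Remote Desktop only from corporate ranges and only on the domain profile.
    Rule("Allow RDP from corp", "in", "allow", protocol="tcp",
         remote_nets=("10.0.0.0/8", "fd00::/8"), local_ports=((3389, 3389),),
         profiles=frozenset({"domain"})),
    # Inbound rule keyed on a service name rather than an executable path.
    Rule("Allow spooler listener", "in", "allow", protocol="tcp",
         local_ports=((9100, 9100),), service="Spooler"),
    # A port-range rule for a media application.
    Rule("Allow media UDP", "in", "allow", protocol="udp", local_ports=((50000, 50100),)),
]


def decide(direction, protocol, remote_addr, remote_port, local_port, profile, service=None) -> str:
    return evaluate(SAMPLE_RULES, Packet(direction, protocol, remote_addr, remote_port, local_port, profile, service))


if __name__ == "__main__":
    print(decide("out", "tcp", "2001:db8::1", 443, 51000, "private"))      # block
    print(decide("in", "tcp", "10.1.2.3", 50555, 3389, "domain"))          # allow
    print(decide("in", "tcp", "10.1.2.3", 50555, 3389, "public"))          # block
```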
Windows Defender
Main article: Windows Defender
Windows Vista includes Windows Defender, Microsoft’s anti-spyware utility. According to Microsoft, it was renamed from ‘Microsoft AntiSpyware’ because it not only features scanning of the system for spyware, similar to other free products on the market, but also includes Real Time Security agents that monitor several common areas of Windows for changes which may be caused by spyware. These areas include Internet Explorer configuration and downloads, auto-start applications, system configuration settings, and add-ons to Windows such as Windows Shell extensions.
Windows Defender also includes the ability to remove ActiveX applications that are installed and to block startup programs. It also incorporates the SpyNet network, which allows users to communicate with Microsoft, submit what they consider to be spyware, and check which applications are acceptable.
Parental controls
Parental controls control panel
Windows Vista includes a range of parental controls for non-domain user accounts. Windows Parental Controls rely on UAC to implement reduced rights account identities needed for offline restrictions. An administrator can apply parental control restrictions to other users on the computer. Facilities include:
Web content blocking, including the ability to limit web browsing to “kids websites”, as well as blocking particular categories of content such as “Pornography”, “Drugs”, “Web e-mail”, “Web chat”, and so on. File downloads may also be disabled. Web content filtering is implemented as a Winsock LSP filter.
Time limitations on when the account may be used. When active, users are blocked from logging on if not already logged on. If they are logged on and the time limit is reached, user accounts are locked using Fast User Switching without the users being logged out to prevent unsaved data in that account from getting lost.
Restrictions on what kind of games may be played. An administrator may choose from one of five different game rating services: ESRB (United States and Canada), PEGI (Europe), USK (Germany), OFLC (Australia and New Zealand), or CERO (Japan). Ratings are used to determine the highest allowed game rating. As with web content blocking, a number of categories of content may also be blocked regardless of game ratings.
Restrictions on what programs may be executed. Implemented using Windows Software Restriction Policies.
Activity reports to monitor and log what was done under Parental Controls through event logging interfaces.
APIs expose the policy and in-box restriction settings as well as the logging functionality, so that parental controls can be extended or replaced.
Encrypting File System
Main article: Encrypting File System
Encrypting File System (EFS) in Windows Vista can also be used to encrypt the system page file and the per-user Offline Files cache. EFS is also more tightly integrated with enterprise Public Key Infrastructure (PKI), and supports using PKI-based key recovery, data recovery through EFS recovery certificates, or a combination of the two. There are also new Group Policies to require smart cards for EFS, enforce page file encryption, stipulate minimum key lengths for EFS, enforce encryption of the user's Documents folder, and prohibit self-signed certificates. The EFS encryption key cache can be cleared when a user locks the workstation or after a certain time limit.
The Encrypting File System rekeying wizard allows the user to choose a certificate for EFS and to select and migrate existing files that will use the newly chosen certificate. Certificate Manager also allows users to export their EFS recovery certificates and private keys. Users are reminded to back up their EFS keys upon first use through a balloon notification. The rekeying wizard can also be used to migrate users in existing installations from software certificates to smart cards. The wizard can also be used by an administrator or by users themselves in recovery situations. This method is more efficient than decrypting and re-encrypting files.
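Both the BitLocker section (FVEK wrapped by the VMK and stored on the disk) and the EFS rekeying wizard above rely on the same two-level key hierarchy: the bulk data is encrypted under a data key, and only that data key is encrypted under the protector (VMK, user certificate or smart card). Changing the protector then means rewriting one small wrapped key, not the whole volume. The following added example, not Microsoft's code, demonstrates that cost difference. It uses a constructed SHA-256 counter-mode stream cipher with an HMAC tag purely so that it runs with the standard library; BitLocker and EFS use AES, and this toy cipher must not be taken as a substitute for one. The key and data sizes are chosen for the example.

```python
"""Two-level key hierarchy: data key wrapped under a master key (added example)."""
import hashlib
import hmac
import os

NONCE_LEN, KEY_LEN, TAG_LEN = 16, 32, 32


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: SHA-256 over (key, nonce, counter) as keystream.
    Constructed for illustration only; not AES and not a real cipher."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def wrap_key(master_key: bytes, data_key: bytes) -> bytes:
    """Encrypt the data key under the master key and tag it so a wrong key is detected."""
    nonce = os.urandom(NONCE_LEN)
    ct = _keystream_xor(master_key, nonce, data_key)
    tag = hmac.new(master_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap_key(master_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(master_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong master key or corrupted wrapped key")
    return _keystream_xor(master_key, nonce, ct)


class EncryptedVolume:
    """Bulk data under a data key (FVEK/FEK); the wrapped data key sits beside it."""

    def __init__(self, master_key: bytes, plaintext: bytes):
        data_key = os.urandom(KEY_LEN)
        self.nonce = os.urandom(NONCE_LEN)
        self.ciphertext = _keystream_xor(data_key, self.nonce, plaintext)
        self.wrapped_key = wrap_key(master_key, data_key)   # stored with the data

    def read(self, master_key: bytes) -> bytes:
        data_key = unwrap_key(master_key, self.wrapped_key)
        return _keystream_xor(data_key, self.nonce, self.ciphertext)

    def rekey(self, old_master_key: bytes, new_master_key: bytes) -> int:
        """Change the protector; returns bytes rewritten (only the wrapped key)."""
        data_key = unwrap_key(old_master_key, self.wrapped_key)
        self.wrapped_key = wrap_key(new_master_key, data_key)
        return len(self.wrapped_key)

    def reencrypt_naive(self, old_master_key: bytes, new_master_key: bytes) -> int:
        """What the rekeying wizard avoids: decrypt and re-encrypt every byte."""
        plaintext = self.read(old_master_key)
        new_data_key = os.urandom(KEY_LEN)
        self.nonce = os.urandom(NONCE_LEN)
        self.ciphertext = _keystream_xor(new_data_key, self.nonce, plaintext)
        self.wrapped_key = wrap_key(new_master_key, new_data_key)
        return len(self.ciphertext) + len(self.wrapped_key)


def can_read(volume: EncryptedVolume, master_key: bytes) -> bool:
    try:
        volume.read(master_key)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    old, new = b"old-protector", b"new-protector"
    vol = EncryptedVolume(old, b"A" * 4096)
    print("rekey rewrote", vol.rekey(old, new), "bytes")
    print("naive path rewrote", vol.reencrypt_naive(new, old), "bytes")
```

The same structure explains why clearing the EFS key cache or losing a smart card does not touch the ciphertext: the data key stays encrypted on disk and simply cannot be unwrapped until a valid protector is presented again.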
Preventing exploits
Windows Vista uses Address Space Layout
This entry was posted by internet4u on October 28, 2010 at 8:14 pm, and is filed under SSL Certificates.

about 1 year ago
THANKS for all this info! It’s so very helpful. Listen, I wanted to share something with you that has been awesome in our home in helping with internet safety for our kids. Pandora’s Hope is a solution to easily protect homes or businesses from those things online that you don’t want to be exposed to or tempted by. The Pandora’s Hope router connects directly into your modem, making it easy to use and compatible with any cable or DSL Internet connection. This Internet filtering router gives you better control on what is seen on any device using your Internet connection (wireless or via cable). Definitely worth checking out – works great, EXTREMELY easy set-up!