Welcome to my Vista Help Blog

On this site you'll find help and information on Vista.

The aim of this site is to help you upgrade your computer from XP to Vista.

Archive for 'Security'

Kelly Liyakasa wrote:


Vista and Security

Copyright (c) 2007 Kelly Liyakasa

Kelly Liyakasa is a writer for 6StarReviews.com. Kelly Staller is site manager at 6StarReviews.com, a site dedicated to giving YOU, the consumer, the best product and service reviews around. If you like saving time and money by having someone else review leading sites and products, then visit our site at 6StarReviews.com.

Any computer owner knows about the age-old debate over what causes a computer virus or recurring spyware attacks. Many attribute malicious spyware to the number of pop-up ads we receive when surfing the Net. Some think spyware is embedded in the software we purchase, thus making it nearly impossible to fully eliminate the problem.

Some people believe computer viruses can be spread through email only and forget that file sharing can have negative impacts on PCs as well. The conglomeration of Internet-security vocab can be downright confusing! Luckily, there are many anti-virus, anti-spyware and even hardware options to choose from in reducing the probability you fall prey to the Internet’s darker side.

Everyone knows Windows Vista was just released and some computer owners are questioning its ability to protect against various computer viruses and spyware. Microsoft is trying to clear up some of the negative misinformation that has been spreading on computer and security forums throughout the Web.

Here are some Vista security features Microsoft released:

• Microsoft says Windows Vista was designed to be their safest operating system yet.

• Windows Defender is Vista’s take on an anti-spyware tool.

• Vista offers an Internet Explorer 7 Protected Mode, designed to prompt users for permissions when visiting compromised Websites.

• Vista can run PC programs in Secure Mode.

• When any file download or application begins, Vista can prompt the computer administrator for their password or permission.

• Vista offers Web Restrictions, such as blocking adult sites from children’s eyes.

• Gambling sites or gaming sites can be filtered through Vista.

While it’s admirable Microsoft has chosen to design an operating system that strives to better your security precautions, controversy has arisen with many of the best antivirus services.

Some services like McAfee and Symantec feel Microsoft is attempting to push out third-party anti-virus providers. They feel Vista’s security coding could be cracked and it’s necessary to continue protecting your PC with alternative software.

6StarReviews.com reports that Internet security suites like PCSecurityShield offer many aspects to safeguarding your computer. In the event your Vista OS doesn’t provide full coverage, a comprehensive anti-virus, anti-spyware and anti-phishing security suite can come to the rescue.



Arvind wrote:


Windows Vista is the new addition to the Windows operating system series. Windows Vista is highly efficient and set to keep up with modern computing needs and to provide a highly user-friendly atmosphere. An operating system with such high proficiency needs genuine Windows Vista registry cleaners.

The registry is the knowledge bank or data storage of any operating system. Continued usage will leave behind bad sectors arising from the installation or uninstallation of software. Many spyware and virus threats might also affect the system registry, which in turn affects the overall performance of the system by slowing down operations or, in worse cases, even causing a blackout or system failure. Thus, installing highly efficient Vista registry cleaners is imperative to safeguard your system's operation as well as the important files that need to be safeguarded.

Numerous registry cleaners are available in the market today, but always cross-check whether they can be used as Vista registry cleaners. A cleaner should be efficient in handling the latest additions in the new Windows Vista operating system. The registry cleaner should identify, manage, compress and repair the system registry. It should also check for spyware, Trojans, viruses and other bad sectors in the registry. Exclusive software programs available as Vista registry cleaners are best suited for this purpose.

More than the quality of the Vista registry cleaners, they should be easy to install, manage and operate without much complication. An easy-to-understand manual should be provided so that the user can operate the software effectively. The software should have user-friendly features, and Vista registry cleaners should safeguard and protect automatically and have upgrade options so that the software can be upgraded regularly according to the need of the hour.



Mojtaba Sadeghi wrote:


Section 1: Security Development Lifecycle

The Security Development Lifecycle technique, or SDL, is a professional process that helps make sure that software is built from the base to reduce security risk. The SDL implements a professional process of secure design, coding, implementing, testing, review and response for all Microsoft products, specifically Windows Vista. The SDL removes the surface area for attacks, improves the operating system and applications to be bug-free, and helps organizations securely manage and isolate the network.

We can say that Windows Vista is the first client operating system to be designed and developed from the first step to the finish using SDL. More than 1,000 threat models were developed for Windows Vista to ensure identification and reduction of risks in different parts of the operating system that required special testing.

Section 2: Kernel Patch

The most important security issue is our “operating system kernel”. These rootkits are usually very useful for unwanted software, like spyware. Kernel Patch Protection against rootkits can reduce the risk and increase stability, reliability and performance in the system, including all user data and programs.

Handling these problems was very difficult before, because 32-bit Windows drivers, as in Windows XP, are not identified and compatible with digital signatures, and it has an unsupported and poor kernel. Windows 32-bit security products that provide blocking capabilities modify the kernel through unsupported techniques.

As computer systems move from a 32-bit to a 64-bit architecture, the smaller installed base of 64-bit software makes it possible to make significant enhancements to security in the kernel and reduce the potential for rootkits.

What is Kernel Patching?

Kernel patching is the practice of using unsupported methods or features to change or replace kernel code. Kernel patching can result in system instability and performance errors and problems such as the Blue Screen error, which as we know can lead to lost user data. Another issue that is very important in kernel patching is that it increases the mechanisms available to malware developers and attackers against the Windows Vista operating system.

The biggest risk in kernel patching comes from virus and spyware writers who use this technique maliciously to hide their presence and effects.

Of course, malware authors are motivated to patch the kernel because it is a powerful and great mechanism for attacking computers and data.

What is Kernel Patch Protection?

There are many security features in Windows Vista, but I want to emphasize that Kernel Patch Protection is not one of them. I mean that Kernel Patch Protection was created for x64 CPU architecture versions, and Microsoft used it in Microsoft Windows Server 2003 SP1 and Windows XP Professional, but it is not supported on x86 architectures or 32-bit systems. With the increasing use of 64-bit computers, Vista users will see more benefit from this technology. Kernel Patch Protection monitors whether any resources used by the kernel, or the kernel code itself, have been changed or modified. Fortunately, if Windows Vista detects any unauthorized patch of data or code, it will shut down the system automatically. But we should consider that Kernel Patch Protection cannot prevent all viruses and malware. It can prevent one way of attacking the system.

Section 3: Encrypting File System improvement:

We can say that the Encrypting File System, or EFS, is the best tool for encrypting files on client and server computers. It helps users protect their data from unreal and unauthorized access by another person, computer or external attacker. In Windows Vista, EFS includes many new security techniques and features. In Vista, EFS supports storing user keys and also administrative keys on smart cards. If a smart card is used for login, EFS operates in a Sign On mode, where it uses the login smart card for file encryption without requiring the PIN. In Windows Vista through the process of creating and setting smart card keys performs their files from an old smart card to the new smart card. The utility program for smart cards has these features as well.

EFS is available in Windows Vista Business, Enterprise and Ultimate.

Section 4: USB Device and Removable Devices Control:

As we know, connecting devices to a computer is very common these days, and users should have the ability to add new hardware to the computer or use USB devices or other removable storage devices. This can create two problems in the system: first, it may make the computer harder to maintain when we install any unsupported device, and second, it can create threats to data security as well. A USB device or removable storage with the “autorun” technique can be used by an attacker to install malware or any malicious software on an unattended system.

Fortunately, Windows Vista manages or blocks the installation of unsupported or unauthorized parts or devices. This security configuration can be applied independently on a client computer, or on a number of systems in a network. The administrator has a lot of power for setting these policies and controls in Windows Vista. We can say that Group Policy settings are available specifically to manage and control read and write actions on removable storage devices like USB devices on a per-user or per-system basis.

Section 5: Windows Defender

As we know, in recent years spyware and other unwanted software like adware, bots and rootkits have created big problems for systems and users. Usually this type of software is installed without the user’s knowledge or confirmation, and it can damage or corrupt personal information and passwords and send them to third parties without the user’s permission.

Microsoft knows that it is very important for users to use anti-spyware protection on their systems. As a matter of customer choice, Microsoft supports users in choosing what programs install and run on their computer, where they came from, what they do and how to remove them. Based on these discussions and users' complaints about spyware, Microsoft decided to create an anti-spyware solution, Windows Defender, and use it in Windows Vista. In fact, Windows Defender helps protect against and remove spyware, adware, rootkits, control utilities and similar things that we call “malware.” In Windows Vista, Windows Defender helps protect us from unwanted application and software installation. It monitors different aspects of the OS that it considers abused by malware, like the Startup folder in Windows and the registry. If any software attempts to change one of the protected areas of Vista, Windows Defender prompts the user with a message to allow or reject the change. Good news: Windows Defender is available as a free download plug-in for licensed customers of Windows 2000, Windows XP and Windows Server 2003.

Section 6: Windows Firewall

Most Windows XP users used a firewall. A firewall is a critical first line of defense against many kinds of malware before they can enter the user’s computer or our network.

When Windows XP was first released, the built-in firewall was turned off by default. The reason was compatibility with some applications or probably third-party firewalls. Based on that, Microsoft released Windows XP with the firewall disabled by default. Naturally, a lot of customers and users did not get any benefit from firewall protection whenever network worms arrived at their computer.

Windows Vista Firewall

Based on this experience, and to prevent such events, the firewall in Windows Vista should naturally be on by default and also compatible with other software. Because of that, customers who want to use a third-party firewall can turn off the built-in firewall easily.

It means the firewall in Windows Vista will turn on by default when Windows starts, for user protection. Another point is that the Windows Firewall in Windows Vista also allows the administrator of a network or single system to block some applications, such as peer-to-peer sharing software or instant messaging software, that usually nobody likes.

Section 7: Protecting the Kernel of Windows in 32-Bit vs. 64-Bit

Microsoft, as the designer and developer of Windows Vista, tried its best to create a product that is more reliable and more secure against attacks. At a basic level, this means that kernel-mode code in Windows Vista needs a security-focused design and development, and then test and release. As I mentioned, Microsoft has followed this method since 2002 under the Security Development Lifecycle (SDL) process. The Microsoft development team had an important and clear goal of improving reliability and security in the new product. As a producer it carries a risk, because application compatibility has to be considered in the security platform. In 32-bit Windows, mostly Windows XP, third-party developers over time used unsupported interfaces in a lot of applications used by users. To put it simply, there is a technique of using unsupported and undocumented interfaces that is called “kernel patching”. I emphasize here that kernel instructions and data structures are directly responsible for modifying, changing and controlling system behavior.

[Figure: Windows 32-Bit Architecture in Kernel and User Mode]

This technique is very useful for protecting against malware, but even without malware, the use of this technique can introduce instability in the system. The advantage of a supported interface is that if this kind of interface is used and then changed, developers are informed about it through Microsoft documentation and can update their code to handle the changes. On the other hand, changes to undocumented and unsupported interfaces cannot be tracked and will lead to crashes or other unexpected problems and effects when the kernel patching technique is used. Unsupported patching techniques usually patch the undocumented kernel interfaces, and naturally without introducing this side it can reduce security in the system.

When some software and program packages try to chain together using unsupported patching techniques, these issues become important. For example, sometimes the order of calls from one package to the next is undefined, as is the behavior when we want to remove one package from that chain. This kind of problem is too complex and can lead to other subtle problems that are very difficult to diagnose, and it happens frequently. These techniques are bad computer science practice, and we can say they do not conform to most computer science engineering disciplines.

With malware, rootkits can be much more dangerous, because they allow a malicious program to hide and protect itself while controlling and monitoring all users, as well as controlling access to all software, files, network connections and even hardware. These malware activities can lead to online theft of bank passwords or IDs. Unfortunately, making the kernel of 32-bit systems compact or zipped would carry a risk for some attack techniques, but to reduce this compressing and risk rate Microsoft decided to implement and improve these changes in 64-bit Windows. Because of that, we have a “clean start” state in Vista with native 64-bit drivers and all software adapted to these changes.

Section 8: What were Vista's security holes?

As we have heard, Kaspersky Anti-Virus is one of the best companies for preventing malware and viruses these days. Their expert labs have predicted that more than 90% of current distributed malware will run on Windows Vista.

We believe now that Vista appears to be much more secure than the previous Windows XP, but the researchers warned Microsoft and users that as Vista becomes more popular, it should increase protection of the kernel against hackers.

As we know, the first pieces and parts of any operating system will be attacked by attackers. That should be PatchGuard, which protects the Vista kernel, as we discussed.

The first target, though, can be the technology that makes access to the operating system kernel more difficult.

PatchGuard, or kernel protection as we said, tries to protect the Vista kernel from illegal access and unauthorised users or software. It can lock the system completely if it detects any risky patch or code.

Unfortunately, some hackers could try to install malware into the Vista kernel in the test stage by using a new method. They ran their software as drivers in Vista's kernel space.

Section 9: New Security vs. Convenience Usability

Sometimes with the appearance of new features some advantages are lost. In fact, one of the basic issues in security design is keeping a fair balance between security and usability. We can say that if security is too complex, usability will simply be gone. If a feature offers a very good level of security protection but is much more complex or has a poor usability design, it will be disabled by users or system administrators. When Microsoft engineers and designers understood that Windows Vista is very secure, they tried to create security capabilities that are enabled by default and usable enough for users, to prevent inconvenience. It’s great when you know that risks decrease by adding new security features and you can use the system as well as before, or it may even appear easier to use.

That was a very hard and expert balance: how many applications will need harder security, and how many users will want to turn off a security feature if their usability comes down? One of the great new things in Windows Vista is User Account Control, or UAC. In fact, UAC is a “standard user that works” or a “non-administrative user that can actually do things.” To do some things on Windows XP, such as changing the local time zone, you had to have local administrator level. That means we can say everyone who logged in to the system was a member of the local administrators level.

But in Windows Vista, one of the main goals of User Account Control was to protect users from attack by malware or other users. To achieve those goals for Vista, they defined a standard user for all end users who wanted to make their changes, but also to protect those users who really need to be an administrator from something bad and risky. Overall, the primary aim of Microsoft was to protect the system from malicious users and from users who want illegal access.

Section 10: Windows Defender

For that reason, when you look at the usability of Vista, the first thing may be that the system asks too frequently for permission. Before the release of Vista, Microsoft also worked with application and software vendors to make sure that they do not require elevation and verification from the administrator's side except when it is necessary.

Another example for comparing convenience versus security is the policy and strategy for enabling Data Execution Prevention, or DEP, in Vista. In fact, DEP treats data as data and code as code, and then it blocks the execution stage. The benefit of this is that, when a data buffer is overrun, with DEP it is harder for an attacker to execute malware code that was already placed in the data buffer. DEP is turned on in Vista by default for kernel mode, and it is an excellent technique for protecting parts of the system, mostly Internet Explorer. The problem is that some third-party add-ons generate code dynamically and store that code in the data buffer, and there is no way for DEP to distinguish between these add-ons and malware. It means we can have more security or we can choose application compatibility.

Conclusion:

Windows Vista can make our job easier and our system more secure. If we are a systems engineer or expert, we will surely find it nearly a high-level secure client platform to develop for. For nonprofessional users I think there is a small problem in using Windows Vista, just because some programs they probably need are unsupported, and some hardware as well. From a security point of view, with the terms that I explained, Windows Vista is really one big success for Microsoft, because with the use of the Security Development Lifecycle, Kernel Patch Protection, Encrypting File System, security for USB and removable devices, Windows Defender, Windows Firewall and a lot of techniques that Microsoft never published, it is too hard to attack, crack or abuse any probable holes in this product. I recommend that everyone install it from today and enjoy the latest operating system in the world.
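A read-only check of the settings this article describes (firewall on by default, UAC, DEP, removable-storage policy, AutoRun, Windows Defender, and the 64-bit requirement for Kernel Patch Protection), added here as an example and not part of the original article. It assumes PowerShell is installed; the registry paths, WMI properties and the `WinDefend` service name are standard Windows locations that the article itself does not give.

```powershell
# Added example: read-only audit of the defaults named in the article above.
# Registry paths and WMI properties are standard Windows locations, not from the article.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (setting not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { return $item.$Name }
    return $null
}

function New-Finding {
    param([string]$Control, $Value, [bool]$Ok, [string]$Note)
    $f = New-Object PSObject
    $f | Add-Member NoteProperty Control $Control
    $f | Add-Member NoteProperty Value   $Value
    $f | Add-Member NoteProperty Ok      $Ok
    $f | Add-Member NoteProperty Note    $Note
    return $f
}

$findings = @()
$os = Get-WmiObject -Class Win32_OperatingSystem

# Sections 2 and 7: Kernel Patch Protection exists only on x64 editions.
$arch = $os.OSArchitecture
$findings += New-Finding 'Kernel Patch Protection (x64 only)' $arch ($arch -like '64*') 'Not present on 32-bit Windows'

# Section 10: system-wide DEP policy.
$depNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
$dep = $os.DataExecutionPrevention_SupportPolicy
$findings += New-Finding 'DEP policy' $depNames[[int]$dep] ($dep -ne $null -and $dep -ne 0) 'OptIn covers Windows components only'

# Section 6: the firewall should be on in every profile.
$fwRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
foreach ($p in 'DomainProfile', 'StandardProfile', 'PublicProfile') {
    $on = Get-RegValue "$fwRoot\$p" 'EnableFirewall'
    $findings += New-Finding "Windows Firewall ($p)" $on ($on -eq 1) 'Group Policy can override this local setting'
}

# Section 9: User Account Control.
$lua = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'
$findings += New-Finding 'User Account Control' $lua ($lua -eq 1) 'EnableLUA = 0 turns UAC off'

# Section 4: removable-storage Group Policy and AutoRun.
$rs = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices'
$denyAll   = Get-RegValue $rs 'Deny_All'
$denyWrite = Get-RegValue "$rs\{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}" 'Deny_Write'
$restricted = ($denyAll -eq 1) -or ($denyWrite -eq 1)
$findings += New-Finding 'Removable storage restricted' "Deny_All=$denyAll Deny_Write=$denyWrite" $restricted 'Unset means no policy restriction'

$autorun = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer' 'NoDriveTypeAutoRun'
$findings += New-Finding 'AutoRun disabled for all drive types' $autorun ($autorun -eq 255) '0xFF disables AutoRun everywhere'

# Section 5: Windows Defender service state.
$svc = Get-Service -Name WinDefend -ErrorAction SilentlyContinue
$running = ($svc -ne $null -and $svc.Status -eq 'Running')
$findings += New-Finding 'Windows Defender service' $svc.Status $running 'May be stopped when another product is installed'

$findings | Format-Table -AutoSize
```

Rows with `Ok` set to `False` are the ones to review; the script only reads settings and changes nothing.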



Brian Culp wrote:


Another excellent tool that’s freely available to Windows Vista administrators (or anyone else, for that matter) is the Microsoft Baseline Security Analyzer (MBSA). This tool scans a system and quickly identifies security holes such as missing software patches or accounts with a blank or weak password.

Better yet, it recommends corrective action. The only bad news of sorts is that it’s not built into Windows Vista. You have to download this one from the Microsoft web site. The newest version of this tool at the time of this writing was released in May of 2008, Version 2.1. This updated version provides additional features which are detailed at the Microsoft website.

However, legacy Microsoft products are not supported by MBSA 2.1. Because of this, Microsoft has teamed-up with Shavlik Technologies to offer a free companion tool for MBSA 2.1. This will allow users of MBSA 2.01 to still receive security updates.

For the MBSA 2.01, the install steps are straightforward; just follow the steps in the wizard. During installation, the MBSA places a shortcut on the desktop by default. To launch the tool and perform a scan, follow these steps:

1. Double-click the desktop icon, and then, from the MBSA home page, choose Scan a Computer. Note here that admins can also use the MBSA to scan multiple computers in a network from a central location.
2. In the Computer to Scan page, you should see the local machine listed if you’ve chosen the “Scan a computer” option. (The other selection produces a page from which you can select a range of machines.) Furthermore, the options in this screen let you specify exactly what components get checked during the scan.
3. Once you verify the machine to scan, click the “Start scan” link. You’ll now see a Scanning page with a progress bar that can take several minutes to complete.
4. When the scan finishes, you’ll see a report screen.

As you can see, this provides extremely valuable information to administrators who are interested in doing everything they can to stop problems before they start. For example, the administrator of this machine has been very diligent about installing necessary software updates, it seems, and has gotten passing grades in most areas of computer security. But the MBSA scan generates a failing grade…how is this possible? The MBSA makes it easy to investigate the exact nature of the failing grade by clicking the “Result details” link, revealing the dialog box. In this case it reveals a very significant (yet usually hidden) threat: local user account passwords are weak, thus generating the failing grade.

If you’d like to get my book “Windows Vista Administration: The Definitive Guide” by Brian Culp, (or any of my other books and tutorials), you can pick it up at my website, www.TheAnswerHub.com or at most major book chains. In addition, I’m always happy to provide additional assistance for free (within reason, mind you…don’t go thinking this is some sort of a free ride). Visit me at my website and submit your questions to me. I’ll get back to you with an answer as soon as possible.

Up Next: in the conclusion of this 5-part series, we’ll be discussing the removal of malicious software using the Malicious Software Removal Tool within Windows Vista.