Paul Thurrott wrote an excellent article about Vista's new security features. After reading it, you might get the impression that Vista's improved security is reason enough to get rid of your XP machines as soon as possible.
- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
Paul's article gives an introduction to the following topics: Address Space Layout Randomizer, User Account Control, Windows Security Center, Windows Defender, Windows Firewall, Internet Explorer 7 Protected Mode, Phishing Filter, Windows Update, Parental Controls, Windows BitLocker Drive Encryption, and USB Device Lockdown.
Even if it seems that some of these features might not be relevant for computers in a company network, you should have a look at them. For example, the Webfilter of Parental Controls might not only be useful for preventing children's access to certain Web sites.
For me, it was interesting to read that User Account Control (UAC) is used by other security tools and components in Vista. For example the Protected Mode feature of Internet Explorer 7 relies on UAC. That's why Protected Mode isn't available for the Windows XP version of IE7.
I, still, doubt that UAC improves security for system administrators. Security is not only a technical issue, but mostly a psychological problem. In theory, it might seem obvious that warning messages popping up whenever critical system components are involved could help prevent malware execution. In praxis, system administrators will get used to confirming UAC messages. This will blindfold them for really important security messages. This way UAC could even decrease security in the long run.
Most interesting for me is Paul's conclusion about Vista's new security features:
Subscribe to 4sysops newsletter!
Windows Vista is dramatically more secure than is Windows XP. But over time, we'll need to see how Vista withstands the real-world electronic attacks that will no doubt hound this OS. A year from now, we'll be able to step back and evaluate how Vista performed in the wild. For now, Microsoft can at least take some comfort in the fact that Vista is, perhaps, the most secure OS it's ever created. There's just no doubt about that.
