We Have Moved

Good day, Paul Cooke here.   The Windows Vista Security blog has been a great avenue for us to talk with you about what has made Windows Vista the most secure client operating system Microsoft has ever delivered. However, hindsight is always 20/20 and it is clear that while we started with a good cadence…


Microsoft SIRv5 Released

Good day, Paul Cooke here.   The Microsoft Malware Protection Center has published volume five of the Microsoft Security Intelligence Report. If you have not taken a look at this report before, I urge you to go download it from http://www.microsoft.com/sir. It provides a thorough view of the current threat landscape and is filled with…


TechED – EMEA

Good day, Paul Cooke here. I am in Barcelona getting set up for some sessions at TechEd-EMEA in Barcelona. The weather was a bit dicey for parts of yesterday but today is clear and beautiful. I’ve got two full sessions and a bit part in a third where I will be talking about Windows 7 security features. If you are…


Windows Vista Security Stories @ TechEd – Recap

Good day! Paul Cooke, Director of Enterprise Security, here. Orlando entertained close to 9,500 customers, partners, and staff at the first Microsoft Tech·Ed for IT Professionals. For four days, IT Professionals from around the world experienced in-depth technical learning with more than 770 Breakout Sessions, Hands-on Labs, and Instructor-led Labs; they also networked and shared…


Windows Vista and Malware

Hi, Austin Wilson here.   Recently there have been some questions raised about the susceptibility of Windows Vista to malware – specifically, that it’s more susceptible to malware than Windows 2000.  I’d like to show why we reject that claim.   We study the malware space very carefully and publish our results twice a year in the…


Disk encryption: Balancing security, usability and risk assessment

Hi: Russ Humphries here.  There’s been a lot of attention this week paid to memory attacks against disk encryption technologies and I wanted to provide some commentary and thoughts. The focus of these conversations is centering on investigating the contents of a computer’s memory – if it’s running or shortly after it has been recently…


Windows Vista Security One Year Later

Hi, Austin Wilson here.  Now that Windows Vista has been available to business customers for more than a year, it’s a good time to go back and look at how it’s holding up from a security perspective.  I think that it’s fair to say that Windows Vista is proving to be the most secure version…


Extended Validation SSL Update

I am Craig Spiezle, Director of Online Security and Safety for Microsoft Internet Explorer.  While I am new to this role, I’ve been at Microsoft for over 10 years, and very involved on usability and online safety, helping users realize their potential, while being confident that their data and privacy are maintained.   In response to mounting…


(Driver Signing <> Kernel Patch Protection) AND (KPP <> Driver Signing)

So I am reading a lot of stories that seem to have confused, or incorrectly aligned, Windows Vista driver signing and Kernel Patch Protection technologies. Whilst driver signing and KPP are complimentary, they are not conjoined. Driver signing provides a method to better identify the author/creator of a piece of software or code so that…


FAQ: Why can’t I bypass the UAC prompt?

[This item was authored by Aaron Margosis and originally appeared on his Non-Admin Blog.] The frequently asked question, “Why can’t I bypass the UAC prompt?” is often accompanied by statements like one or more of the following: “We want our application to run elevated automatically without prompting the user.” “I don’t get why I can’t authorize an…

41