Extended Validation SSL Update

I am Craig Spiezle, Director of Online Security and Safety for Microsoft Internet Explorer.  While I am new to this role, I’ve been at Microsoft for over 10 years, and very involved on usability and online safety, helping users realize their potential, while being confident that their data and privacy are maintained.   In response to mounting…


(Driver Signing <> Kernel Patch Protection) AND (KPP <> Driver Signing)

So I am reading a lot of stories that seem to have confused, or incorrectly aligned, Windows Vista driver signing and Kernel Patch Protection technologies. Whilst driver signing and KPP are complimentary, they are not conjoined. Driver signing provides a method to better identify the author/creator of a piece of software or code so that…


FAQ: Why can’t I bypass the UAC prompt?

[This item was authored by Aaron Margosis and originally appeared on his Non-Admin Blog.] The frequently asked question, “Why can’t I bypass the UAC prompt?” is often accompanied by statements like one or more of the following: “We want our application to run elevated automatically without prompting the user.” “I don’t get why I can’t authorize an…

41

x64 Driver Signing Update

Hi,  it’s Scott Field, Windows Security Architect, again.  Microsoft recently became aware of a third party kernel mode driver named “Atsiv” which provides a deliberate means of loading code that conflicts with the Kernel Mode Code Signing (KMCS) policy included in Windows Vista x64 editions.   In Windows Vista x64 editions, the default KMCS policy is to…


Windows Smartcard Framework Certification Program Goes Live

Hi – everyone!    I’m David Cross the Director of Program Management for Windows Security.  It has been a while since I last posted to this blog during the Windows Vista beta cycle on UAC.  I thought a new posting from myself was long overdue and I have some exciting news to share on one…


Windows Vista Security at 180 Days

Just as he did at the 90-day mark, Jeff Jones, a Microsoft Director from the Trustworthy Computing group and frequent blogger on security topics, has done a comparison of vulnerabilities discovered in Windows Vista versus other operating systems in their first 6 months of availability.   Windows Vista holds up well in this comparison, showing a…


PKI Enhancements in Windows Vista and Windows Server 2008

 I’m Avi Ben-Menahem, the lead program manager for the PKI and smart card technologies in Windows Security.   The PKI (Public Key Infrastructure) team in Microsoft is responsible for the different technologies related to digital certificates, these technologies and products include the CA (Certificate Authority), the client enrollment API and UI, OCSP (Online Certificate Status Protocol)…


The Windows Vista Security Blog is Back

We’re back!  You’ve probably noticed that the blog hasn’t been updated much lately.  We’re going to change that and you can expect to see regular posts again.  Windows Vista has been publicly available for over 100 days now, and we think we’re holding up pretty well.  As we said, no software is 100% perfect and…


Windows Vista Security Guide 1.2 Released

We have identified an issue with version  1.1 of  the Windows Vista Security Guide, which caused some of the group policy objects to not be created correctly. If you have downloaded version 1.1, which was available for download from December 4, 2006 through December 14, 2006, please download version 1.2 from http://go.microsoft.com/?linkid=5639874. More information about…