An Introduction to Kernel Patch Protection

Hello, I’m Scott Field, an Architect working on Windows Kernel Security. There have been a lot of questions recently about a Windows technology called Kernel Patch Protection (sometimes referred to as PatchGuard) so I wanted to provide some context about the feature to help answer them. OS kernel design is a very specialized area of…


Built-in Administrator Account Disabled

In Windows Vista we made numerous changes to our user account model. Standard users are now the default user type for new accounts created after initial setup. The Power Users group is effectively deprecated. In addition, we’ve made it much easier to run as a standard user and even administrators run with limited Windows privileges…


x64 Driver Signing Update

Hi, it’s Scott Field, Windows Security Architect, again. Microsoft recently became aware of a third party kernel mode driver named “Atsiv” which provides a deliberate means of loading code that conflicts with the Kernel Mode Code Signing (KMCS) policy included in Windows Vista x64 editions. In Windows Vista x64 editions, the default KMCS policy is to…


Windows Vista Security Center: User-Focused Improvements

I’m Chas Jeffries, and I’m the lead program manager for Windows Security Center (WSC) for Windows Vista. As I write this, we are working hard to prepare for the RTM release of Windows Vista. The past year has been an exciting one for the WSC team. We have been working with customers and ISVs to…


Security Update Policy for Windows Vista

Windows Vista is the first major Microsoft product release that will be serviced with security updates throughout the beta process. We are committed to release Windows Vista updates for all MSRC critical class issues that may arise during the beta testing period. We strive to release any Windows Vista updates as soon as possible, but…


Windows Vista Security One Year Later

Hi, Austin Wilson here. Now that Windows Vista has been available to business customers for more than a year, it’s a good time to go back and look at how it’s holding up from a security perspective. I think that it’s fair to say that Windows Vista is proving to be the most secure version…


FAQ: Why can’t I bypass the UAC prompt?

[This item was authored by Aaron Margosis and originally appeared on his Non-Admin Blog.] The frequently asked question, “Why can’t I bypass the UAC prompt?” is often accompanied by statements like one or more of the following: “We want our application to run elevated automatically without prompting the user.” “I don’t get why I can’t authorize an…


Windows Vista Security Testing

Hi, I’m Austin Wilson, Director of Product Management for Windows Vista security. Our first focus for Windows Vista security is engineering the operating system for security. Windows Vista is the first Windows client release to be developed end to end using the Security Development Lifecycle (SDL), detailed in this new book by Michael Howard and…


Windows Vista Security Guide Now Available

Microsoft’s Solution Accelerator – Security and Compliance team is pleased to announce the release of the Windows Vista Security Guide, which is now available for downloading. The Windows Vista Security Guide provides IT Professionals like you with specific recommendations and automated tools to further harden Windows Vista against real-world security threats. Based on your feedback…


New Authentication Functionality in Windows Vista

The Windows Authentication Team works on the core Windows authentication components, such as the LSA, and is responsible for Windows authentication protocols, including Kerberos, SSL, NTLM, and Digest. The team has 5 program managers, 10 developers, and 11 testers. We also have one architect, Paul Leach, who holds the title of Distinguished Engineer (the highest…