x64 Driver Signing Update

Hi,  it’s Scott Field, Windows Security Architect, again.  Microsoft recently became aware of a third party kernel mode driver named “Atsiv” which provides a deliberate means of loading code that conflicts with the Kernel Mode Code Signing (KMCS) policy included in Windows Vista x64 editions.   In Windows Vista x64 editions, the default KMCS policy is to…


Windows Smartcard Framework Certification Program Goes Live

Hi – everyone!    I’m David Cross the Director of Program Management for Windows Security.  It has been a while since I last posted to this blog during the Windows Vista beta cycle on UAC.  I thought a new posting from myself was long overdue and I have some exciting news to share on one…


Windows Vista Security at 180 Days

Just as he did at the 90-day mark, Jeff Jones, a Microsoft Director from the Trustworthy Computing group and frequent blogger on security topics, has done a comparison of vulnerabilities discovered in Windows Vista versus other operating systems in their first 6 months of availability.   Windows Vista holds up well in this comparison, showing a…


PKI Enhancements in Windows Vista and Windows Server 2008

 I’m Avi Ben-Menahem, the lead program manager for the PKI and smart card technologies in Windows Security.   The PKI (Public Key Infrastructure) team in Microsoft is responsible for the different technologies related to digital certificates, these technologies and products include the CA (Certificate Authority), the client enrollment API and UI, OCSP (Online Certificate Status Protocol)…


The Windows Vista Security Blog is Back

We’re back!  You’ve probably noticed that the blog hasn’t been updated much lately.  We’re going to change that and you can expect to see regular posts again.  Windows Vista has been publicly available for over 100 days now, and we think we’re holding up pretty well.  As we said, no software is 100% perfect and…


Windows Vista Security Guide 1.2 Released

We have identified an issue with version  1.1 of  the Windows Vista Security Guide, which caused some of the group policy objects to not be created correctly. If you have downloaded version 1.1, which was available for download from December 4, 2006 through December 14, 2006, please download version 1.2 from http://go.microsoft.com/?linkid=5639874. More information about…


Windows Vista Security Guide Now Available

Microsoft’s Solution Accelerator – Security and Compliance team is pleased to announce the release of the Windows Vista Security Guide, which is now available for downloading. The Windows Vista Security Guide provides IT Professionals like you with specific recommendations and automated tools to further harden Windows Vista against real-world security threats. Based on your feedback…


Windows Vista Security Center: User-Focused Improvements

I’m Chas Jeffries, and I’m the lead program manager for Windows Security Center (WSC) for Windows Vista. As I write this, we are working hard to prepare for the RTM release of Windows Vista. The past year has been an exciting one for the WSC team. We have been working with customers and ISVs to…


Bloggers Report on Vista Security

Microsoft’s hard work in the area of security for the soon-to-be-released Windows Vista operating system is paying dividends for our customers, partners and – it seems – members of the blogging community! http://blogs.zdnet.com/Bott/?p=141 http://blogs.chron.com/techblog/archives/2006/09/did_windows_vis.html  – Russel Humphries