News
UAC and Windows Defender
The under-the-hood changes to Vista's security revolve around a few new mechanisms that make it far more difficult for an unwanted program to dig its hooks into Windows. One of the biggest changes, User Account Control (UAC), forces the user to approve certain actions manually, such as launching a program that could change certain system settings or installing an application with full administrative rights.
By default, applications in Vista are not run as administrator, even if you log in under an admin account. You need to specifically declare that a given application will run as admin before it does. Typically, you do that by shift-right-clicking on the program in question and selecting "Run as Administrator." Most applications that are not written specifically for Vista need to be installed under admin rights to work properly as well.
The worst-case scenario is that people will grow frustrated with unexpected application behaviors, turn off UAC entirely (which is possible and doesn't require a hack) and then re-expose themselves to many of the same issues that Vista was designed to prevent.
Another problem is the question of what's "unwanted." Many people who install malware do not realize that what they're installing is, in fact, bad for their PC, and sometimes they jump through a fair number of hoops to install it!
In short, UAC is only going to protect people who learn how to work with it, rather than against it. If you're responsible for educating people about the way Vista works, make it a top priority to tell people exactly how UAC works and how they must deal with it.
Vista also comes pre-equipped with Windows Defender, a set of interlocking anti-malware and system-protection tools including a revised version of the Windows firewall that debuted in XP. Defender is turned on by default and protects a system actively against a variety of unauthorized changes, such as if an application tries to register itself to start automatically without your authorization.
Defender can also be disabled by the user (albeit through a UAC action). One of the bigger worries I had about Defender, as with UAC, is that it would prove to be a frustration and that people would turn it off just to get regular work done. This does not seem to be the case. But, again, people moving to a Vista computer and encountering Defender for the first time would need some degree of training to understand what it implies for them. Be sure you tell them not to simply turn it off out of spite without perhaps replacing it with something else or having other programs or protocols in place to prevent attacks.
The known and unknown threats
One thing seems clear: The tighter Vista's native protections get, the more third parties are going to find ways to subvert the operating system that weren't even considered viable before.
While Vista was still in beta, security researcher Joanna Rutkowska discovered that unsigned kernel code could be back-injected into the OS by modifying the page file; Microsoft's response (admittedly a bit heavy-handed) was to disallow any application from performing sector-level writes to disk without operating through a signed kernel driver.
The presence of such possibilities was deeply troubling to security analysts because they signaled how a cunning hacker could simply perform an end-run around Vista's defenses. Using rootkits or other subversive technologies to hide their tracks, they might be able to slip through such cracks without ever coming up against UAC or any of Windows's other defenses. On the other hand, the attack was not something that had been witnessed in the wild, and now Microsoft had been at least made aware of how such things can be engineered.
The motives behind hjiacking people's computers will not diminish. There's more incentive than ever to do this -- it's big business. Those who make use of exploits to write malware usually do so for one reason: stealing (typically from someone's bank account). Additionally, people who discover system exploits can resell them on the black market for cash -- tens of thousands of dollars each -- which are, in turn, used by exploiters to steal from unsuspecting victims.
Vista could mean the end of malware as we have come to know it: most commonly in the form of browser plug-in exploits and AIM links that launch Trojans. This would be a great thing, and it is much overdue. But, it may be the beginning of the next wave in malware -- intrusions so subtle and difficult to detect that Vista users (and Microsoft, too) will be forced to retrench once again.
The under-the-hood changes to Vista's security revolve around a few new mechanisms that make it far more difficult for an unwanted program to dig its hooks into Windows. One of the biggest changes, User Account Control (UAC), forces the user to approve certain actions manually, such as launching a program that could change certain system settings or installing an application with full administrative rights.
By default, applications in Vista are not run as administrator, even if you log in under an admin account. You need to specifically declare that a given application will run as admin before it does. Typically, you do that by shift-right-clicking on the program in question and selecting "Run as Administrator." Most applications that are not written specifically for Vista need to be installed under admin rights to work properly as well.
The worst-case scenario is that people will grow frustrated with unexpected application behaviors, turn off UAC entirely (which is possible and doesn't require a hack) and then re-expose themselves to many of the same issues that Vista was designed to prevent.
Another problem is the question of what's "unwanted." Many people who install malware do not realize that what they're installing is, in fact, bad for their PC, and sometimes they jump through a fair number of hoops to install it!
In short, UAC is only going to protect people who learn how to work with it, rather than against it. If you're responsible for educating people about the way Vista works, make it a top priority to tell people exactly how UAC works and how they must deal with it.
Vista also comes pre-equipped with Windows Defender, a set of interlocking anti-malware and system-protection tools including a revised version of the Windows firewall that debuted in XP. Defender is turned on by default and protects a system actively against a variety of unauthorized changes, such as if an application tries to register itself to start automatically without your authorization.
Defender can also be disabled by the user (albeit through a UAC action). One of the bigger worries I had about Defender, as with UAC, is that it would prove to be a frustration and that people would turn it off just to get regular work done. This does not seem to be the case. But, again, people moving to a Vista computer and encountering Defender for the first time would need some degree of training to understand what it implies for them. Be sure you tell them not to simply turn it off out of spite without perhaps replacing it with something else or having other programs or protocols in place to prevent attacks.
The known and unknown threats
One thing seems clear: The tighter Vista's native protections get, the more third parties are going to find ways to subvert the operating system that weren't even considered viable before.
While Vista was still in beta, security researcher Joanna Rutkowska discovered that unsigned kernel code could be back-injected into the OS by modifying the page file; Microsoft's response (admittedly a bit heavy-handed) was to disallow any application from performing sector-level writes to disk without operating through a signed kernel driver.
The presence of such possibilities was deeply troubling to security analysts because they signaled how a cunning hacker could simply perform an end-run around Vista's defenses. Using rootkits or other subversive technologies to hide their tracks, they might be able to slip through such cracks without ever coming up against UAC or any of Windows's other defenses. On the other hand, the attack was not something that had been witnessed in the wild, and now Microsoft had been at least made aware of how such things can be engineered.
The motives behind hjiacking people's computers will not diminish. There's more incentive than ever to do this -- it's big business. Those who make use of exploits to write malware usually do so for one reason: stealing (typically from someone's bank account). Additionally, people who discover system exploits can resell them on the black market for cash -- tens of thousands of dollars each -- which are, in turn, used by exploiters to steal from unsuspecting victims.
Vista could mean the end of malware as we have come to know it: most commonly in the form of browser plug-in exploits and AIM links that launch Trojans. This would be a great thing, and it is much overdue. But, it may be the beginning of the next wave in malware -- intrusions so subtle and difficult to detect that Vista users (and Microsoft, too) will be forced to retrench once again.
Posted on 23 Feb 2007 by Vista Advice
Windows Vista’s powerful new graphics engine may be one of its hallmark features, but it’s engendering complaints from a key segment of potential early adopters: hardcore gamers.
A small but significant number of games written for Windows XP either crash or creep along slowly on Vista, according to numerous complaints by game enthusiasts in online forums.
“Formatted PC, installed Vista, updated any drivers possible. Now half [of my] games will not run, or run with corrupt graphics,” lamented one poster in a discussion forum at graphics chipmaker Nvidia’s web site.
A small but significant number of games written for Windows XP either crash or creep along slowly on Vista, according to numerous complaints by game enthusiasts in online forums.
“Formatted PC, installed Vista, updated any drivers possible. Now half [of my] games will not run, or run with corrupt graphics,” lamented one poster in a discussion forum at graphics chipmaker Nvidia’s web site.
Posted on 22 Feb 2007 by Vista Advice
"People who sell PCs have seen a very nice lift in their sales. People have come in and wanted to buy Vista," Gates told reporters on Tuesday at an Ottawa news conference.
Gates spoke when asked to clarify last week's comments by Microsoft chief executive Steve Ballmer that analysts' forecasts for fiscal 2008 revenue for Vista were "overly aggressive".
Microsoft released Vista, the upgrade to its ubiquitous Windows operating system, three weeks ago and predicted that consumers would move to Vista faster than they moved to previous Windows upgrades.
The Windows franchise is the centrepiece of Microsoft's business because the company makes more than 75 cents in operating profit for every dollar of sales.
Investor optimism about Vista has helped push the company's shares up 30 percent since last June, although the stock has dipped in recent weeks.
Asked by Reuters if there was anything that would make Microsoft cautious about the outlook for Vista, Gates replied: "I don't know what you mean. Vista's had an incredible reception… The reviews have been fantastic. This is a big, big advance in the Windows platform. It's the world's most used piece of software… Overall, the reliability feedback has been well better than we expected."
Gates was speaking at a news conference after announcing an $118m funding initiative by his Bill & Melinda Gates Foundation and the Canadian government to search for an HIV/AIDS vaccine.
Gates spoke when asked to clarify last week's comments by Microsoft chief executive Steve Ballmer that analysts' forecasts for fiscal 2008 revenue for Vista were "overly aggressive".
Microsoft released Vista, the upgrade to its ubiquitous Windows operating system, three weeks ago and predicted that consumers would move to Vista faster than they moved to previous Windows upgrades.
The Windows franchise is the centrepiece of Microsoft's business because the company makes more than 75 cents in operating profit for every dollar of sales.
Investor optimism about Vista has helped push the company's shares up 30 percent since last June, although the stock has dipped in recent weeks.
Asked by Reuters if there was anything that would make Microsoft cautious about the outlook for Vista, Gates replied: "I don't know what you mean. Vista's had an incredible reception… The reviews have been fantastic. This is a big, big advance in the Windows platform. It's the world's most used piece of software… Overall, the reliability feedback has been well better than we expected."
Gates was speaking at a news conference after announcing an $118m funding initiative by his Bill & Melinda Gates Foundation and the Canadian government to search for an HIV/AIDS vaccine.
Posted on 22 Feb 2007 by Vista Advice
Microsoft Corp. on Wednesday released a list of 800 applications it has officially verified so far to run bug-free on Windows Vista.
The list is notable for both its brevity and the absence of many applications popular on Windows XP, although Microsoft and analysts said that the majority of XP software can run, albeit with hiccups, on Vista.
Popular Windows software that is conspicuously missing from Microsoft's list includes Adobe Systems's entire line of graphics and multimedia software, Symantec Corp.'s security products, as well as the Mozilla Foundation's open-source Firefox Web browser, Skype's free voice-over-IP software, and the OpenOffice.org alternative to Microsoft Office.
The list is notable for both its brevity and the absence of many applications popular on Windows XP, although Microsoft and analysts said that the majority of XP software can run, albeit with hiccups, on Vista.
Popular Windows software that is conspicuously missing from Microsoft's list includes Adobe Systems's entire line of graphics and multimedia software, Symantec Corp.'s security products, as well as the Mozilla Foundation's open-source Firefox Web browser, Skype's free voice-over-IP software, and the OpenOffice.org alternative to Microsoft Office.
Posted on 22 Feb 2007 by Vista Advice