Security In Windows Vista

2. Home Basic Home Premium Windows Vista Ultimate Business Security In Windows Vista

3. Home Basic Home Premium Group Members Ultimate MIRZA HAMZA BABAR DANIYAL MASOUD OBAID ULLAH KHAN SAMI UMER Business

4. Home Basic Home Premium Security Features Users UAC – User Account Control Shares Security Center Firewall EFS Bit Locker Windows Defender Services Lockdown DEP – Data Execution Prevention Ultimate Business

5. Users Login, Windows Welcome screen is the only available logon Displays all enabled accounts on the system, default is install account Setting “Do not display last user name” gives an empty “user” + “password” prompt Guest and Administrator are disabled by default with blank passwords. Administrator is not visible via “User Accounts” in Control Panel Built-in Guest account cannot set a password via “User Accounts” in Control Panel Built –in Administrator account stays disabled in Safe Mode Password Policy is still blank with no complexity by default Anonymous enumeration is disabled by default Same as XP SP2 NT-Offline does not work

6. User Account Control Windows Vista security infrastructure Applications run with standard user privileges until an administrator authorizes an increase in privilege Much criticism over the number of prompts a user can receive from UAC requesting authorization

7. Shares File sharing is enabled by default Same old default admin shares C$ ADMIN$ IPC$ Vista by default does not use “Simple File Sharing”, a sharing feature that was enabled by default in XP UAC blocks local admin accounts from remotely accessing remote admin shares Sharing is unnecessarily convoluted with additional options. Public Folder Sharing Password Protected Sharing Media Sharing

8. Security Center Return of Automatic Updates, Windows Firewall, and Internet Security Settings (IE Security Tab) Expanded to include “Malware” (Virus / Spyware) and UAC

10. IPSec Configuration

11. Connection Security Rules

12. Inbound/Outbound Rules

14. Bit Locker Full Disc encryption Supported in Enterprise and Ultimate Bit Locker does not like debuggers It is strongly recommend that you do not run a debugger when Bit Locker is enabled. Running a debugger on your Bit Locker-enabled computer requires you to follow the recovery process every time you restart the computer.

15. Windows Defender MS’s answer to Anti-Spyware In comparisons Defender did not identify the multitude of objects as identified by other products Microsoft’s anti-spyware program now integrated with the Windows Vista operating system Designed to detect, remove, and prevent spyware Supports not only scanning, but real-time protection

16. Service Lockdown MS has modified the behavior of various services Applied an ACL model to services As Per MS Introduction of a per-service security identifier (SID). Moving services from Local System to a lesser privileged account such as Local Service Removal of un-necessary Windows privileges on a per-service basis for example debugging. Applying a write-restricted access token to the service process. Services are assigned network firewall policy. The firewall policy is linked directly to per-service SID. Implementation of Kernel Patch Protection / Patch Guard MS choose to block raw disk access from user mode Sc.exe - for manual service foo.

17. DEP Actually a feature from XP SP2 Supposed to randomize the memory locations used to stop overflow attempts Enabled by default on Vista “Essential” programs and services only Can be configured for all programs except ‘x’ bcdedit.exe - for manual foo.