With reports of new Windows XP vulnerabilities coming in with stomach-lurching regularity, we all hope that Vista has a much better security track record. It's still too early to telland nefarious hackers are exceptionally clever but it certainly looks as though Microsoft is heading in the right direction with Vista:
User Account Control This newand very controversialfeature ensures that every Vista user runs with only limited privileges, even those accounts that are part of the Administrators group (except the Administrator account itself). In other words, each user runs as a "least privileged user," which means users have only the minimum privileges they require for day-to-day work. This also means that any malicious user or program that gains access to the system also runs with only limited privileges, thus limiting the amount of damage they can do. The downside (and the source of the controversy) is that you constantly get pestered with security dialog boxes that ask for your approval or credentials to perform even trivial tasks, such as deleting certain files.
Windows Firewall This feature is now bidirectional, which means that it blocks not only unauthorized incoming traffic, but also unauthorized outgoing traffic. For example, if your computer has a Trojan horse installed, it may attempt to send data out to the Web, but the firewall's outgoing protection will prevent this.
Windows Defender This is the Windows Vista antispyware program. (Spyware is a program that surreptitiously monitors a user's computer activities or harvests sensitive data on the user's computer, and then sends that information to an individual or a company via the user's Internet connection.) Windows Defender prevents spyware from being installed on your system and also monitors your system in real time to look for signs of spyware activity.
Internet Explorer Protected mode This new operating mode for Internet Explorer builds upon the User Account Control feature. Protected mode means that Internet Explorer runs with a privilege level that's enough to surf the Web, but that's about it. Internet Explorer can't install software, modify the user's files or settings, add shortcuts to the Startup folder, or even change its own settings for the default home page and search engine. This is designed to thwart spyware and other malicious programs that attempt to gain access to your system through the web browser.
Phishing Filter Phishing refers to creating a replica of an existing web page to fool a user into submitting personal, financial, or password data. Internet Explorer's new Phishing Filter can alert you when you surf to a page that is a known phishing site, or it can warn you if the current page appears to be a phishing scam.
Junk Mail Filter Windows Mail (the Vista replacement for Outlook Express) comes with an antispam filter based on the one that's part of Microsoft Outlook. The Junk Mail Filter uses a sophisticated algorithm to scan incoming messages for signs of spam. If it finds any, it quarantines the spam in a separate Junk Mail folder.
Windows Service Hardening This new technology is designed to limit the damage that a compromised service can wreak upon a system by (among other things) running all services in a lower privilege level, stripping services of permissions that they don't require, and applying restrictions to services that control exactly what they can do on a system.
Secure Startup This technology encrypts the entire system drive to prevent a malicious user from accessing your sensitive data. Secure Startup works by storing the keys that encrypt and decrypt the sectors on a system drive in a Trusted Platform Module (TPM) 1.2 chip, which is a hardware component available on many newer machines.
Network Access Protection (NAP) This service checks the health status of a computer, including its installed security patches, downloaded virus signatures, and security settings. If any of the health items are not completely up-to-date or within the network guidelines, the NAP enforcement service (running on a server that supports this feature) either doesn't let the computer log on to the network or shuttles the computer off to a restricted area of the network.
Parental Controls This feature enables you to place restrictions on the user accounts that you've assigned to your children. Using the new User Controls window in the Control Panel, you can allow or block specific websites, set up general site restrictions (such as Kids Websites Only), block content categories (such as Pornography, Mature Content, and Bomb Making), block file downloads, set time limits for computer use, allow or disallow games, restrict games based on ratings and contents, and allow or block specific programs.
Computer Repair,Computer Service
Computer Consulting,Computer Consultant
Computer Support
No comments:
Post a Comment