Security Changes Coming in Vista SP1

Microsoft will unveil three security enhancements as part of its upcoming Windows Vista Service Pack 1 (SP1) release, slated for early 2008.

Analysts say that while the security tweaks, which include improvements in encryption, kernel patch protection and programming interfaces, are nothing earth-shattering, they address some of the early concerns about Vista among some vendors and security administrators, concerns which include data integrity and security monitoring.

Here's a preview of the planned improvements:

BitLocker:

Microsoft's BitLocker encryption update is the first and most prominent of the projected security features to accompany SP1. BitLocker addresses the compromise of data through theft or accidental loss of a computing device such as a USB key. Through the BitLocker control panel, SP1 users will be able to manage and configure drive encryption for disk volumes beyond the standard OS volume. Users with complex and intricate storage setups on their internal hard disk, or across multiple hard drives, can now be protected with BitLocker. The previous version had less comprehensive encryption coverage, addressing only limited data volumes.

Kernel Patch Protection:

On the eve of Vista's release, Microsoft wanted to preserve OS integrity by blocking access to the Windows kernel through its PatchGuard feature. This led to criticism from the European Commission, and Microsoft eventually agreed to provide better kernel access by making code modifications that would allow outsiders to use the kernel.

To extend that commitment and pacify the EU and other software firms such as McAfee and Symantec, SP1 will include the first set of supported APIs that allow third-party software and malicious software detection programs to work alongside Windows Kernel Patch Protection on 64-bit versions of Vista.

The programming interfaces are designed to help administrators develop software that extends the functionality of the Windows kernel, with provisions for version control and tracking, all without having to disable Kernel Patch Protection during the installation of unique, customized security dashboards.

Windows Security Center:

Since the inception of XP SP2, users and administrators have used Windows Security Center (WSC) to view the status of computer security settings and services. An issue with WSC is that it doesn't play well with others, but an SP1 upgrade alleviates that problem by allowing third-party security applications to better communicate and integrate with the OS.

The other big WSC change is in handling unverified applications. WSC will provide current status updates for software that isn't compatible with Vista SP1 for 90 days after SP1 is installed. After that time, Windows Security Center will report the application's status as "yellow", indicating that Windows Security Center can neither verify the app's compatibility nor ensure the security status of the application. Any number of reasons can cause a yellow warning, including but not limited to incomplete downloads or installation, failure to initialize or the need for an application update.

Being able to view the status of any given application will allow security personnel to see what is and isn't working security-wise on the system, as well as monitor User Account Control. For admins, it means the ability to limit certain applications to specified users. For instance, security admins can use WSC to see how well -- or even if -- programs such as Norton AntiVirus or other non-Windows software are operating in concert with Vista, or interfering with smooth OS operation and causing system slowdowns and crashes.

Some critics believe that despite these changes, Windows Security Center is still merely detective, rather than preventative. In other words, a pop-up that suggests a required update on a software firewall or anti-virus application is entirely different from a program that keeps malicious agents at bay or scans and cleans viruses.

Neil MacDonald, Vice President of Gartner Research and a Gartner Fellow of Information Security, said these security changes, as well as those for SP1 as a whole, may placate some Vista users, but that Microsoft still has bigger fish to fry.

"The real question is 'Does this change the equation for businesses that haven't migrated to Vista yet?', and the answer to that is no," MacDonald said. "It's still a cost issue and we have to see what actually happens when (SP1) is released. It's getting harder and harder for Microsoft to compel users. Linux isn't the real threat, the threat lies within Microsoft's own install base. They have to make things a 'must-use' again."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.
