How secure is the Windows Vista system?

  


Microsoft's promotional materials call Vista the most secure operating system the company has launched so far, but for users, especially those who are sensitive to security, whether that security is enough is another question. Microsoft promises that Vista, five years in development, will let desktop users enter a new world of trusted computing. In this world, computers will be more reliable, users will get better experiences, and notorious malware will become a thing of the past.

However, in the four months since Vista's official launch, the debate over whether it is secure has grown more and more heated. Anti-virus software vendors, hackers and security experts have questioned the effectiveness of Microsoft's security measures in Vista. Some even think that Vista's new security model is purely an empty shell, without any real meaning.

Microsoft has always been criticized, and when it makes a commitment of this kind it becomes an even easier target. In fact, various tests have already shown that Vista has improved substantially in terms of completeness compared with previous Windows operating systems. However, this does not mean that Vista can give us peace of mind. It relieves some IT management headaches, but beyond that, IT administrators must still be cautious and serious every day.

User Account Control

The most prominent security tool in Vista is also the most criticized. User Account Control (UAC) is meant to solve the problem of user rights management that has long plagued Windows systems, but opponents believe that, because of poor design, UAC does not provide enough protection.

In the past, administrator accounts drew the most blame. Experience has shown that users should be given administrator access only when completing certain tasks that need it, such as installing device drivers or modifying the registry. However, earlier Windows systems inherited some features of DOS. They were essentially single-user systems, so the users of the system were administrators by default. Even in Windows XP, Microsoft's first multi-user client operating system, a user still habitually logs in as the system administrator by default, even if he only needs to complete some of the most common tasks.

This makes the workstation very easy to manage, but it is a disaster for security. If the user logs in as an administrator, a worm or Trojan horse that successfully gets in will have the highest privileges, which causes users a great deal of trouble. Worse, Microsoft's negligence in user rights management allowed software developers to adopt unsafe programming practices at will, and the combination of the two makes things more complicated. For example, many applications on Windows can only run with administrator privileges, which means that the system is running in its least secure state.

UAC attempts to correct this bad habit. Under UAC, most software runs with low user rights by default. If an operation of an application requires administrator rights, UAC pops up a dialog box asking the user to elevate the application to a higher privilege level.

UAC in Vista is not perfect, and some weaknesses can be exploited. For example, as in other Windows operating systems, software installers in Vista always have administrator privileges. In addition, Symantec security analyst Ollie Whitehouse has pointed out that some of the applications that come with Vista may also be exploited to undermine the protection of UAC.

Some security experts acknowledge that Microsoft has done great work on Vista, but they also remind people: don't expect UAC to eliminate all issues related to administrator accounts overnight.

Design flaws are not the only weakness in Microsoft's UAC; the demands it places on users are also criticized. The UAC confirmation dialog is tedious and, to some extent, confusing. Users can easily turn off UAC out of annoyance, or, not understanding what the UAC alert message says, simply click the “OK” button to be done with it. Even worse, they are easily tricked into doing something by social engineering. (Social engineering usually takes advantage of people's inattention to lure victims into a trap. The trick is usually to talk, bully, deceive, impersonate or persuade in order to obtain the secrets of the user's system from legitimate users, such as the user list, user passwords and network structure. Editor's note.)

“Vista does offer a lot of features to protect your system, but only if you use it properly,” Microsoft says of UAC in Vista's best practices guide. “How secure the system is depends on the user's operation, so it's best to think about it when you click the button.” In other words, it's not a good idea to build system security entirely on top of UAC.

In fact, Microsoft does not encourage users to treat UAC as a security bastion. Accordingly, Microsoft does not consider a weakness in the UAC implementation to be a security hole. It is important to understand this because it tells us how to treat UAC in a corporate environment.
Windows Firewall and Defender




In addition to UAC, Microsoft has added many other features to Vista, and many of them are intended to improve the security of the system. However, if you study these features carefully and compare them with past Windows systems, you will find that what they actually add to system security is very limited.

Security added in Vista

Since Windows XP SP2, the firewall has been enabled by default when a Windows system is installed. In Vista, Windows Firewall can not only prevent the outside world from talking to the computer, as in XP, but can also prevent the computer from talking to the outside world. Given the growing threats from spyware, phishing and denial of service, this is a very important improvement for Windows. Unfortunately, when Vista is installed, filtering of outgoing packets is disabled by default. In other words, unless it is manually configured, Vista's firewall provides little additional protection for connections compared with XP SP2.

Vista also has a new application called Windows Defender, which provides anti-spyware functionality for the system. But according to anti-spyware vendor Webroot, Windows Defender does not work against most spyware. Worse, in February it was discovered that Windows Defender might become a springboard for malware attacks on Vista, because Microsoft's malware detection engine has a vulnerability that malicious people can exploit to launch attacks on Vista.

Similarly, although a new hard disk encryption function called BitLocker has been added to Vista, it is turned off by default when the system is installed, and there is still a question about how much it can protect users.

Worst of all, some of Vista's newly added features have proven to be harmful to overall security. In January of this year, hackers discovered that they could access remote systems through Vista's speech recognition function, including deleting arbitrary files on the system. This may sound sensational, but it should be taken seriously, otherwise it will cost you.

Bugs in applications

The vulnerability in Vista's speech recognition feature once again reveals a fact: so far, as with the earlier versions of the Windows operating system, the main form of attack against a computer running Vista does not exploit vulnerabilities in the operating system itself, but vulnerabilities in the various applications that run on it.

In fact, Vista has done a lot of work to reduce the harm from the most common bugs in applications. For example, with technologies such as hiding the memory address space and protecting the operating system kernel, it becomes very difficult for hackers to use ordinary bugs to launch attacks on the system. Preliminary research conducted by Symantec shows that although Vista is still relatively fragile against some forms of attack, Symantec still believes that Vista basically meets Microsoft's intended security goals.

Moreover, Vista's use of .NET as the preferred development model is also very beneficial for future application security. The managed code and security sandbox features of the .NET development platform help developers avoid common bugs that are likely to be exploited by hackers.

However, although the .NET development platform has brought many improvements, developers must rewrite their original code to really benefit from these technologies. Previously developed applications cannot benefit from Vista; they are still as vulnerable to hackers as they used to be. There are already many examples of this, such as the BrightStor backup software recently released by CA.

No doubt, in the next few months many commercial applications will release patches for Vista, and the security of companies' own in-house software is very uncertain. Unless earlier software is upgraded to take full advantage of Microsoft's latest security technology, it will not be protected by UAC when running in Vista. Although Microsoft has made a big step forward in technology, this latest operating system is not a panacea for the security of the IT environments running on it.

The Road to Security

“We are very confident about Vista; it is Microsoft's safest operating system to date,” said a senior security manager at Microsoft. “However, one thing everyone must realize is that there is no 100% secure system, that is, there is no silver bullet.” He said, “Vista is not immune to attacks, so to expect that of it is also unfair.” Indeed, the technical advancement of the operating system has greatly helped the security of the system. However, as with all previous versions of Microsoft's operating system, Microsoft itself acknowledges that it is best for Vista users to install some anti-malware software and some other security software as well.

As with all Microsoft operating systems, Vista's biggest problem may be compatibility with older versions. So far, most of the vulnerabilities found in Vista are in older applications, because they don't benefit from Vista's new security model, and even UAC itself is a compromise.

For companies, the sooner they keep up with Microsoft's latest technology, the sooner they can benefit from Microsoft's latest research in security. Wherever possible, companies should upgrade their own applications to managed code and the .NET Framework and, at the same time, evaluate Microsoft's latest security APIs and best practices.

In the future, as the industry moves to 64-bit computing platforms, more and more hardware-based security policies will emerge, and the security situation may get better. Today, however, we had better be cautious. Microsoft has developed a special security guide for IT administrators who are evaluating Vista and preparing to use it with Active Directory in the corporate network.

Although how an organization configures its systems depends on the level of security it requires, the guide is clear: Vista system security requires the joint efforts of all parties, including strict enforcement of security policies by IT staff, as well as third-party anti-malware and security management tools. In other words, it is still no different from before. Vista does not mean that security has improved significantly compared with XP; after all, it is still Windows. (Blog translated from the US magazine "InfoWorld")

Links: UAC working mechanism

In Windows Vista, there are two levels of user groups by default: the standard user group and the administrator group. A standard user is a member of the Computer Users group; an administrator is a member of the Computer Administrators group. The improvement Microsoft made in Vista is that, unlike previous versions of Windows, by default both standard users and administrators access resources and run applications in a standard user security context. After a user logs in, the system creates an access token for the user. The access token contains information about the level of access granted to the user, including specific security identifiers (SIDs) and Windows privileges.
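The token contents described above can be inspected with `whoami /groups /fo csv`. The added example below (not part of the original article) reads that CSV and reports whether the session holds a standard-user token, an administrator's filtered token, or an elevated one. It goes slightly beyond the text by relying on two details the article does not spell out: in a filtered token the BUILTIN\Administrators SID is marked "Group used for deny only", and the token carries a mandatory integrity label. The sample data is constructed and the function name is illustrative.

```python
import csv
import io

# Constructed sample of `whoami /groups /fo csv` for an administrator account
# running without elevation under UAC (abridged; not from a real host).
SAMPLE_UNELEVATED = r'''"Group Name","Type","SID","Attributes"
"Everyone","Well-known group","S-1-1-0","Mandatory group, Enabled by default, Enabled group"
"BUILTIN\Administrators","Alias","S-1-5-32-544","Group used for deny only"
"BUILTIN\Users","Alias","S-1-5-32-545","Mandatory group, Enabled by default, Enabled group"
"Mandatory Label\Medium Mandatory Level","Label","S-1-16-8192","Mandatory group, Enabled by default, Enabled group"
'''

# The same account after approving an elevation prompt (also constructed).
SAMPLE_ELEVATED = (
    SAMPLE_UNELEVATED
    .replace("Group used for deny only",
             "Mandatory group, Enabled by default, Enabled group, Group owner")
    .replace("Medium Mandatory Level", "High Mandatory Level")
    .replace("S-1-16-8192", "S-1-16-12288")
)

ADMINS_SID = "S-1-5-32-544"  # well-known SID of BUILTIN\Administrators
INTEGRITY = {"S-1-16-4096": "low", "S-1-16-8192": "medium",
             "S-1-16-12288": "high", "S-1-16-16384": "system"}

def describe_token(csv_text):
    """Return (token kind, integrity level) for one whoami CSV listing."""
    rows = csv.DictReader(io.StringIO(csv_text))
    by_sid = {row["SID"]: row["Attributes"] for row in rows}
    integrity = next((INTEGRITY[s] for s in by_sid if s in INTEGRITY), "unknown")
    attrs = by_sid.get(ADMINS_SID)
    if attrs is None:
        kind = "standard user"
    elif "deny only" in attrs.lower():
        # Administrators SID present but usable only for deny checks.
        kind = "administrator, filtered token"
    else:
        kind = "administrator, elevated token"
    return kind, integrity

if __name__ == "__main__":
    print(describe_token(SAMPLE_UNELEVATED))
    print(describe_token(SAMPLE_ELEVATED))
```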

BitLocker's encryption principle

Two keys are generated after BitLocker is enabled: one is stored in the boot partition; the other is stored in a chip on the motherboard called the TPM. When the computer is powered on, the TPM is loaded first and its key is compared with the key in the boot area. After this check passes, the BIOS is loaded to complete the computer's startup process. If any step does not match, for example because someone has tampered with the TPM chip, or has removed the hard disk and put it in another machine, Windows Vista will refuse to release the key and the system will not be able to start.
