Technorati
Digg
Delicious
Reddit
Newsvine
StumbleUpon
Buzz
Blinklist
Mixx
GoogleSecuring Windows Vista
February 8, 2007
Summary
Learn how to secure Windows Vista.
Restrictive installation — In previous versions of Windows, malicious programs were able to perform downloads and installations without your knowledge. In Vista, every time a software installation is attempted, you’ll be prompted to approve the installation. In some cases, you’ll be asked to provide a password.
Built-in spyware protection — An XP version of Microsoft’s antispyware tool was previously available for download. However, it will be built right into the Vista operating system.
Improved firewall — Previous Windows firewalls controlled only incoming traffic, a serious shortcoming. With Vista, you can configure the firewall to manage outgoing traffic, as well—which gives you the means to stop malware from stealthily connecting to the Internet from your computer.
Safer surfing — Together with Microsoft’s release of Internet Explorer 7, Vista makes Web use safer. For example, ActiveX is disabled by default in Vista, which is something savvy surfers had to remember to do themselves in the past. Meanwhile, Internet Explorer 7 includes anti-phishing and anti-spoofing tools.
Most significantly, Vista does not include true virus protection. That means a computer running Vista—but not running a separate antivirus program—is open to attack from viruses, worms, and Trojan horses. Some of its features may remove or prevent some malware from installing, but they don’t protect like a dedicated antivirus solution.
On its own, Vista is also unequipped to handle fraud-based Internet attacks. The latest version of Internet Explorer, Microsoft’s browser, does contain some anti-phishing features. But Vista itself does not provide Web site authentication, phishing filters, or any other anti-fraud features. Should you use a non-Microsoft browser, however, you’re on your own.
While Vista’s firewall is improved, it’s not optimal for home users. Unlike more sophisticated firewalls, it doesn't block outbound traffic by default. Instead, it leaves it to the home user to decide which programs to block and which to allow. That translates into less out-of-box protection—and once you've configured it—less assurance you're blocking the appropriate threats.
Finally, Vista’s built-in anti-spyware program has yet to prove itself among the elite spyware defenders. Reviews of the stand-alone version, as well as preliminary testing by competitors, indicate that some common spyware still slips past its defenses.
In the end, Vista security is not complete. It’s an assembly of important features to be sure; but there are gaps. Moreover, how these features play out in practice remains to be seen.
First and foremost, you need to use top quality antivirus software. Microsoft makes this very clear, stating: “In addition to using built-in Windows Vista features, you should help keep your computer healthy by using antivirus software.”
Because Vista doesn’t have built-in protection against phishing and other kinds of online fraud, you need something to protect you when you shop and bank online. It’s especially important if you use a browser other than Internet Explorer.
Given how Vista’s firewall works, you’re better off installing a separate personal firewall—something that not only blocks outgoing traffic by default but automatically identifies suspicious outgoing programs for you. Likewise, until Vista’s antispyware program proves itself in practice, it’s advisable to install antispyware software with a demonstrated track record.
Finally, as the next version of the world’s most popular operating system, Vista is sure to be the target of new attacks. It won’t be long before hackers and virus writers begin to exploit any points of vulnerability. That’s why you need a comprehensive security solution to plug Vista’s gaps.
If you have security software for your existing Microsoft operating system, check with your provider to see if they have a Vista-compatible product, and if so, how to upgrade. If your provider doesn’t yet offer a Vista product, check out Symantec’s offerings.
In This Article
Introduction
Microsoft’s Vista operating system includes a number of new security features. However, its defenses are not complete, and if you plan to run Vista, you should take extra steps to make it secure.Vista’s security features
Windows Vista boasts more robust security than previous Windows operating systems. Some features are new, while others extend protections already available in previous Windows versions.Restrictive installation — In previous versions of Windows, malicious programs were able to perform downloads and installations without your knowledge. In Vista, every time a software installation is attempted, you’ll be prompted to approve the installation. In some cases, you’ll be asked to provide a password.
Built-in spyware protection — An XP version of Microsoft’s antispyware tool was previously available for download. However, it will be built right into the Vista operating system.
Improved firewall — Previous Windows firewalls controlled only incoming traffic, a serious shortcoming. With Vista, you can configure the firewall to manage outgoing traffic, as well—which gives you the means to stop malware from stealthily connecting to the Internet from your computer.
Safer surfing — Together with Microsoft’s release of Internet Explorer 7, Vista makes Web use safer. For example, ActiveX is disabled by default in Vista, which is something savvy surfers had to remember to do themselves in the past. Meanwhile, Internet Explorer 7 includes anti-phishing and anti-spoofing tools.
What Vista lacks
With Vista, Microsoft has beefed up its security efforts compared to past Windows versions. However, Vista does not provide complete protection, and the effectiveness of its new features are still unknown.Most significantly, Vista does not include true virus protection. That means a computer running Vista—but not running a separate antivirus program—is open to attack from viruses, worms, and Trojan horses. Some of its features may remove or prevent some malware from installing, but they don’t protect like a dedicated antivirus solution.
On its own, Vista is also unequipped to handle fraud-based Internet attacks. The latest version of Internet Explorer, Microsoft’s browser, does contain some anti-phishing features. But Vista itself does not provide Web site authentication, phishing filters, or any other anti-fraud features. Should you use a non-Microsoft browser, however, you’re on your own.
While Vista’s firewall is improved, it’s not optimal for home users. Unlike more sophisticated firewalls, it doesn't block outbound traffic by default. Instead, it leaves it to the home user to decide which programs to block and which to allow. That translates into less out-of-box protection—and once you've configured it—less assurance you're blocking the appropriate threats.
Finally, Vista’s built-in anti-spyware program has yet to prove itself among the elite spyware defenders. Reviews of the stand-alone version, as well as preliminary testing by competitors, indicate that some common spyware still slips past its defenses.
In the end, Vista security is not complete. It’s an assembly of important features to be sure; but there are gaps. Moreover, how these features play out in practice remains to be seen.
How to secure Vista
Securing a computer running Vista is not all that different from securing any other computer. While Vista offers some extra layers of protection, you still need to use sensible computing habits and strong security software.First and foremost, you need to use top quality antivirus software. Microsoft makes this very clear, stating: “In addition to using built-in Windows Vista features, you should help keep your computer healthy by using antivirus software.”
Because Vista doesn’t have built-in protection against phishing and other kinds of online fraud, you need something to protect you when you shop and bank online. It’s especially important if you use a browser other than Internet Explorer.
Given how Vista’s firewall works, you’re better off installing a separate personal firewall—something that not only blocks outgoing traffic by default but automatically identifies suspicious outgoing programs for you. Likewise, until Vista’s antispyware program proves itself in practice, it’s advisable to install antispyware software with a demonstrated track record.
Finally, as the next version of the world’s most popular operating system, Vista is sure to be the target of new attacks. It won’t be long before hackers and virus writers begin to exploit any points of vulnerability. That’s why you need a comprehensive security solution to plug Vista’s gaps.
If you have security software for your existing Microsoft operating system, check with your provider to see if they have a Vista-compatible product, and if so, how to upgrade. If your provider doesn’t yet offer a Vista product, check out Symantec’s offerings.
The Bottom Line
Windows Vista is loaded with new features, including some major security enhancements. However, for complete protection, you’ll need to bolster its defenses with a comprehensive security solution.Related Links
- Symantec Vista Information Center
- Product: Norton Internet Security: Spyware Protection - Anti virus Software
- Product: Norton Internet Security for Macintosh: Mac Spyware Protection - Parental Control
- Product: Norton Confidential for Macintosh: Antiphishing - Vulnerability Protection
- Vista Security Overview from Microsoft
- Norton Downloads
- Viruses & Threats: Conficker Worm (aka April Fools 2009, April 1st Virus)