
Windows Vista Security

Windows Vista introduces a range of new technologies aimed at making it the most secure version of Windows to date. The following research was conducted by Symantec Security Response in order to provide a balanced and objective analysis of these improvements. Our goal is to help customers better understand the true security climate that awaits them with Windows Vista.

For an introduction to the security implications of Windows Vista, the overview paper, blog and podcast below are the place to begin. The remaining research available on this page provides in-depth technical analysis of Vista's many new components.

Vista Security Research

Preventing Overflows: GS Stack Protection

The term "buffer overflow" used to exist only in the lingo of serious security professionals and vulnerability researchers. However, the number of buffer overflow vulnerabilities discovered in previous versions of Windows has made this term an all-too-common part of industry vocabulary. Learn how GS addresses these common classes of software flaws on Windows Vista, and the security exposure that still remains.

Does Today's Malware Matter on Vista?

Much has been made of Vista's new protection features, but can they withstand the onslaught of today's malware threats? What would it take for malware authors to achieve Vista compatibility and usher in a new breed of Vista-compatible threats? This paper takes a look at the early answers to these questions based on Symantec's testing.

Shuffling the Deck: Randomization Defenses

Vista has new defenses for a broad variety of memory manipulation attacks ranging from memory corruption errors to heap overflows. The technique is named Address Space Layout Randomization (ASLR), and its goal is to "shuffle" the address space deck so that common footholds are nearly impossible for attackers to find. Explore ASLR's effectiveness as a barrier to memory manipulation attacks.

Starting Over Again: Vista Networking

The Microsoft Windows networking stack has undergone a complete overhaul with the release of Windows Vista. Everything from the core protocols, TCP and IP, to the application layer protocols, RPC and SMB, has been affected. This paper provides an in-depth security analysis of this new stack, its resistance to legacy attacks, and the exposure that still remains.

Tunneling with Teredo

Teredo is a new network protocol that provides IPv6 support on IPv4 networks. While this Microsoft-designed protocol allows for a smoother migration to IPv6, there are serious security implications when using Teredo in a corporate environment. This paper provides a security analysis of the Teredo protocol, as well as the risks that are associated with it.