“Windows Vista has been in the news a lot lately – in particular, Vista’s security. The new security features have been the target of both praise and ridicule. Even Apple took a jab at Vista’s security with its latest TV ad mocking Vista’s security prompts. Say what you will, but I personally like the prompts. And get used to them; they are likely a sign of things to come…”

Read the original article here: http://itmanagement.earthweb.com/netsys/article.php/3667416

Tags: Windows Vista, Vista Security, UAC

Here are some articles I have recently written for Security Pro VIP. Note that these articles are for subscribers only. Security Pro VIP is a new online publication that used to be Penton’s Windows IT Security newsletter.
Bounce Unwanted Files Out of Your Folders
A new file screening tool in the Windows 2003 R2 File Server Resource Manager toolset lets you block certain files or file types from entering a folder or notify an administrator about the files and take some action.

Windows Firewall Auditing
Regularly auditing the firewall configuration settings for the systems you manage keeps accumulated misconfigurations from compromising your protection. A useful script lets you easily audit your systems’ firewall configurations.

DNS Annoyances
Get a handle on DNS annoyances–small but irritating problems that can affect the performance of your network–and use DNS to its full potential.

More DNS Tips
Besides just plain DNS annoyances, we have some great tips for working with DNS.

Other articles I have written for this publication are here.

Windows Vista introduces a new concept called IE Protected Mode. It essentially works by controlling access to files based on how much you trust the source. The technology should make it more difficult for web sites to exploit IE vulnerabilities in IE to automatically install malware. Read the rest of this entry »

Apparently because currently planned releases did not meet testing standards, Microsoft decided to postpone all patches for this month, so you can all let next Tuesday roll by like any other Tuesday.

Microsoft will, however, be releasing several non-security updates through Windows Update.

According to a Microsoft spokesperson, the last time Microsoft did not have any security updates was September of 2005.

I got so tired of visiting all the various security blogs out there that I made myself an aggregated and filtered feed-driven blog of nothing but other Windows security-related blog posts.

The feed pulls from about 40 blogs that focus on Windows security. It also performs various searches on blog search engines to pull posts from other blogs that might be relevant.

This feed has been my daily reading list for about a month now and it is quite good.

I thought others might enjoy it so I converted it to an auto-updating blog. The blog is located at http://winblogs.security-feed.com

Microsoft just posted an article on MSDN that explains many of the new features. Of particular interest are the security features:
http://msdn.microsoft.com/msdnmag/issues/07/03/IIS7/#S7

This should be pretty obvious, but a lot of people don’t seem to be aware of this old trick. Normally, if you try to guess another user’s password and it fails, the attempt will show up in the event viewer of the domain controller. However, there is a way you can try to guess an account’s password without the attempts ever being logged.

It’s actually pretty simple: just unplug your network cable. Read the rest of this entry »

Today Symantec released two new whitepapers about security protections in Vista: Analysis of GS Protection in Windows Vista and Analysis of Address Space Layout Randomization on Windows Vista.

Although my last blog post criticized Symantec for its hyped FUD, these two papers, by the same author, definitely provide some good information and demonstrate the thorough research that Ollie Whitehouse has done on this matter. Furthermore, the author clearly states the true issues here and provides detailed research notes. Read the rest of this entry »