On Tuesday I attended a security talk focused on the changes in Vista security that are deep inside the product. The talk was an entertaining one, but it concentrated on the underlying code and changes rather than giving an overview of the security features in Windows Vista.

The talk was given by Michael Howard and Jeffrey R. Jones, who are both security guys at Microsoft.

They spoke about the security features, but as this was a dev-focused chat this part was only brief.

Next the duo described the engineering process at Microsoft for Windows Vista. This was an interesting insight, and they stressed that the external reviewers were the key part of the process for helping them spot bugs and weed out security issues.

For the engineering of Vista, Microsoft security banned weak crypto like MD5 and SHA1. MD5 was described as "bust" and SHA1 would be bust very soon, so Microsoft wanted to stop it being used in development.

The partners and external businesses that tested Vista and its security were:

Due to the new security features in Vista, several advisories do not affect Windows Vista.


Isolation is one of the main ways Vista is more secure by default. It allows processes to run at a lower privilege level than the system-wide default, which is set to medium. This prevents the lower-level app from writing data to the OS. One such application is Internet Explorer.

Service hardening means services no longer have to run as the high-level SYSTEM account. Services move out of SYSTEM, and you describe the access rights each service requires; the service control manager will grant only those access rights.

DEP (Data Execution Prevention) is the main memory feature of Windows Vista that is now turned on by default. Microsoft had to convince OEMs to enable this feature by default in their BIOS options; vendors had only disabled it because of fears about application compatibility. DEP cannot be turned off once it's turned on for a process.

NX is not enabled by default in Internet Explorer 7 for compatibility reasons, but it will be enabled by default in IE8 onwards.

ASLR is the next major memory defence in Vista. It relies on DEP being enabled, and it moves the system around into 1 of 256 slots, which change at every reboot. Hackers like predictability, so removing this predictability at every boot helps a lot.
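As an added example (not from the talk or the speakers), the following script checks three of the defaults described above on a Windows host from an elevated PowerShell prompt: the DEP boot policy, the integrity level of the current process, and the access rights a service has declared to the service control manager. The 'Spooler' service name and the parsing of the bcdedit and sc.exe output are assumptions.

```powershell
# Added example, not from the talk: audit three Vista-era defaults on a Windows
# host from an elevated PowerShell prompt. The service name 'Spooler' and the
# parsing of bcdedit/sc.exe output are assumptions.

# 1. DEP boot policy. bcdedit lists an 'nx' entry (OptIn, OptOut, AlwaysOn,
#    AlwaysOff); when the entry is absent the OS default of OptIn applies.
$depPolicy = 'OptIn (entry absent, OS default)'
foreach ($line in (bcdedit /enum '{current}')) {
    if ($line -match '^\s*nx\s+(\S+)') { $depPolicy = $Matches[1] }
}
"DEP boot policy : $depPolicy"

# 2. Integrity level of this process. whoami reports it as a 'Mandatory Label'
#    group; Medium is the default for a normal user session, while an isolated
#    process such as Protected Mode IE runs at Low.
$level = 'unknown'
foreach ($line in (whoami /groups)) {
    if ($line -match 'Mandatory Label\\(\w+) Mandatory Level') { $level = $Matches[1] }
}
"Integrity level : $level"

# 3. Service hardening: the privileges a service has declared it needs
#    (sc qprivs) and whether it runs with a restricted service SID (sc qsidtype).
#    'sc' alone is the Set-Content alias in PowerShell, so call sc.exe.
$svc = 'Spooler'
$privs = @()
foreach ($line in (sc.exe qprivs $svc)) {
    if ($line -match '(Se\w+Privilege)') { $privs += $Matches[1] }
}
$sidType = 'unknown'
foreach ($line in (sc.exe qsidtype $svc)) {
    if ($line -match 'SERVICE_SID_TYPE\s*:\s*(\S+)') { $sidType = $Matches[1] }
}
$privText = if ($privs.Count -gt 0) { $privs -join ', ' } else { 'none declared (service keeps all privileges of its account)' }
"Service $svc  : SID type $sidType; declared privileges: $privText"
```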

Finally, it was explained that the recent 0-day exploit for DNS did not affect Windows Server 2008 beta 2 for the following reasons:

Posted in Tech-Ed 2007
