An interesting article about Windows Vista security model

SecurityReading some security related RSS feeds, I've came upon an interesting article about the new Vista security model.

It explains not only what most of the new features mean (UAC, UIPI, Integrity Levels, ASLR and the XP-SP2 existing DEP) with examples like how Vista's Internet Explorer runs to be safer if compromised, or how to harden Firefox in a similar way, but provides some tips (like creating limited privileged accounts and use UAC) and remarks some possible flaws in the new security model.

Her conclussions are clear: "Microsoft did a good job with securing Vista".

Update: Joanna has posted again, after reading Mark Russinovich's last post, and now things have turned to "Vista Security Model - A big joke?". After reading both posts, Mark's one frightens a bit, because in order to maintain compatibility there are possible flaws (which don't means they're actual security holes) with the elevation of processes and Protected Mode IE 7. He concludes that we can take advantage of ILs to add an additional layer of security, but by no means it's a perfect one.


Posted by Kartones on 2007-02-11