Microsoft Vista could improve Internet security

Two new Microsoft Vista features -- Kernel Patch Protection and User Account Control -- could prove especially useful in preventing serious malware infections.


The much-anticipated and much-delayed release of Windows Vista to the enterprise market was the end of a long, arduous process for Microsoft and the beginning of an equally lengthy and potentially difficult one for customers. Deploying a new OS is never an easy task, and enterprise IT shops only do so when there is a compelling economic or technological reason. With Vista, Microsoft is pinning much of its hopes for broad adoption on the many security upgrades woven into the OS.


However, analysts and customers say that even with new security measures such as Network Access Protection (NAP), an improved Windows Security Center and User Account Control, it will likely be as long as a year or 18 months before Vista makes any serious inroads in corporate networks. Budget cycles, the relative stability of Windows XP and the cautious nature of most CIOs will dictate a measured approach to large-scale Vista rollouts in the coming months.

But perhaps more important to the overall health and well-being of the Internet at large is how rapidly Vista penetrates the consumer market. The plain ugly truth is that home users are the biggest security threat there is at the moment. Careless and just plain clueless home users have become the favored victim pool for spammers, phishers and bot herders looking to plant their Trojans, keystroke loggers and other malware. Despite the fact that virtually every new PC sold in the last five years has come preloaded with antivirus and other security software, consumers continue to fall victim to scams of every size, shape and color. Once their wares are happily ensconced on users' PCs, attackers use the infected machines as launching pads for all manner of badness, including DoS attacks, bank fraud and spam runs.

This kind of activity has been going on for years, but the education and awareness efforts aimed at home users have been largely ineffective. Apparently clicking on pretty pictures and opening offers for discount Viagra are just too tempting to pass up. But many of the new security features in Vista should help protect those users from themselves. Two features in particular, Kernel Patch Protection (KPP) and User Account Control (UAC), could prove especially useful in preventing serious malware infections.

Read previous columns by Dennis Fisher:
Oracle should heed critical report touting SQL Server security

Microsoft Kernel Patch Protection should be lauded

KPP, the feature that security vendors love to hate, is designed to stop rootkits and Trojans from hooking the kernel and burrowing deep inside compromised machines. Without access to the kernel, these programs are far less effective at hiding their presence and therefore easier to find and remove. It's important to note that users will not be able to turn off KPP as they are wont to do with things like antivirus or Windows Firewall when they become too intrusive or noisy.

User Account Control is perhaps even more important for the home user base than is KPP. In previous versions of Windows, each user for all intents and purposes was an administrator with unlimited privileges on their machines. This meant that any malware resident on the PC also had administrative rights by default. Not good. With UAC, machines can be set up so that most applications and processes run with limited rights, known as standard user mode. The idea is to prevent users from making changes to their PCs that can cause security vulnerabilities or other problems.

For the 99% of home users who don't have any real technical knowledge, these protections should function as a digital safety net. They may annoy more advanced users in the short term, but the Internet as a whole will be better off for it in the long run.
