Whistler will block unauthorised software

Whistler, Microsoft's upcoming Windows release, will include a security feature to block any software lacking a valid digital...

Whistler, Microsoft's upcoming Windows release, will include a security feature to block any software lacking a valid digital signature, writes Daniel Thomas.

Jim Ewel, vice-president for IT infrastructure and hosting at Microsoft, announced that the feature will be included in a range of new security options on Whistler, beta versions of which have already been sent out.

Although it was implemented in response to e-mail attachment viruses such as the Love Bug, the feature will extend to every piece of code executing on the machine.

Neil Laver, product manager for Windows desktop at Microsoft, said, "This is currently a feature we hope to include, but beta testing will confirm the viability of this.

"In addition, the administrator will be able to disable this feature on a group basis (via active directory) or per individual PC."

At the moment, ensuring that Windows 2000 software is secure is largely down to the end-user. A "trusted application" is signed by the software publisher, so that users can determine its source and verify that it has not been altered or tampered with.

Developers may purchase the cryptographic certificates used to create these signatures from Verisign - Microsoft has no say in determining who receives certificates or what software could be signed.

Some analysts fear that the new security feature could increase the software giant's power over Windows software developers.

The company already has complete control over the signing process for hardware, such as printers and scanners, and users are blocked from installing anything not approved by Microsoft.

In a separate development, a security expert reported last week that Microsoft's Web browser has a security vulnerability that lets malicious programmers find temporary Internet file folders and take over a user's computer.

Bug-finder Georgi Guninski said the vulnerability, which affects Internet Explorer 5.5 and Microsoft's Outlook and Outlook Express e-mail clients, exploits .chm files, a compressed help file format.

"Customers will not encounter this issue as part of their normal Web browsing of popular sites," said Laver. "A skilled hacker has to purposefully create malicious script on their Web site in order for a customer to be affected."

Read more on Operating systems software