Windows

Microsoft brings more security to Windows in Vista SP1

The upcoming Windows Vista Service Pack (SP) 1, which some say will be released today, as well as Windows XP SP3 and Windows Server 2008, will feature new security APIs to help make Windows more secure.

The upcoming Windows Vista Service Pack (SP) 1, which some say will be released today, as well as Windows XP SP3 and Windows Server 2008, will feature new security APIs to help make Windows more secure.

The new APIs in question are designed to help developers make use of Microsoft's Data Execution Prevention (DEP) technology. For the uninitiated, DEP is designed to guard computer memory against malicious code and can be implemented in both hardware and software.

According to Microsoft, "DEP can help block a class of security intrusions. Specifically, DEP can help block a malicious program in which a virus or other type of attack has injected a process with additional code and then tries to run the injected code."

Excerpt from InformationWeek:

"This is one of numerous 'invisible' defenses in Windows Vista," said Howard (A senior security program manager at Microsoft) in an e-mail. "Data Execution Prevention (aka NX) reduces the chance that data will execute. Just about all buffer overrun vulnerabilities take the form of data, and then that data is executed. DEP can help prevent that. But we have many, many more defenses in Vista like this that help reduce the likelihood that buffer overrun attacks will lead to compromised customers. The attack might happen, we obviously can't stop people attacking systems, but we can help reduce the chance the attacks will be successful."

In January, I reported that Microsoft Vista logged fewer flaws in its first year compared to other modern OSs. Detractors can be argued that the metric of measuring reported flaws is imperfect, and that the paper was published by Microsoft's own Trustworthy Computing Group. However, it does seem that Microsoft is indeed making a concerted, dedicated push towards better security.

Still, the fact remains that it will take some time, years perhaps, before these new APIs are widely employed. My question is, do you see the current tide of worms, rootkits, and other exploits easing off anytime soon?

You can read more about the new NX APIs here.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

1 comments
JDW1340
JDW1340

I don't want my XP computer to start asking for permission to move a mouse cursor (yes, I know, it is an exaggeration) like Vista does. So, what exactly does SP3 bring to the table. Will it be a boon to XP or will be a nightmare to usability.

Editor's Picks