The upcoming Windows Vista Service Pack (SP) 1, which some say will be released today, as well as Windows XP SP3 and Windows Server 2008, will feature new security APIs to help make Windows more secure.
The upcoming Windows Vista Service Pack (SP) 1, which some say will be released today, as well as Windows XP SP3 and Windows Server 2008, will feature new security APIs to help make Windows more secure.The new APIs in question are designed to help developers make use of Microsoft's Data Execution Prevention (DEP) technology. For the uninitiated, DEP is designed to guard computer memory against malicious code and can be implemented in both hardware and software.
According to Microsoft, "DEP can help block a class of security intrusions. Specifically, DEP can help block a malicious program in which a virus or other type of attack has injected a process with additional code and then tries to run the injected code."
"This is one of numerous 'invisible' defenses in Windows Vista," said Howard (A senior security program manager at Microsoft) in an e-mail. "Data Execution Prevention (aka NX) reduces the chance that data will execute. Just about all buffer overrun vulnerabilities take the form of data, and then that data is executed. DEP can help prevent that. But we have many, many more defenses in Vista like this that help reduce the likelihood that buffer overrun attacks will lead to compromised customers. The attack might happen, we obviously can't stop people attacking systems, but we can help reduce the chance the attacks will be successful."
In January, I reported that Microsoft Vista logged fewer flaws in its first year compared to other modern OSs. Detractors can be argued that the metric of measuring reported flaws is imperfect, and that the paper was published by Microsoft's own Trustworthy Computing Group. However, it does seem that Microsoft is indeed making a concerted, dedicated push towards better security.
Still, the fact remains that it will take some time, years perhaps, before these new APIs are widely employed. My question is, do you see the current tide of worms, rootkits, and other exploits easing off anytime soon?
You can read more about the new NX APIs here.