We hope this blog serves as a jumping-in point for developers working with Microsoft technologies; to that end one of our UK evangelists, Paul Maher, has put together this security features primer. We hope you find it a useful resource for decoding some of the new language that has been introduced ...
Windows Vista provides a host of new security enhancements that might affect you as a developer. In this article, I will highlight several of these features and provide a brief introduction to each of them.
In Microsoft operating systems prior to Windows Vista, it is very common for users to log on to their computer as an administrator and run all of their applications with that administrator token. The problem this causes is that any malware that gets onto the machine runs with the same administrator privileges and can do a great deal of damage.
The User Account Control (UAC) feature of Windows Vista aims to address this issue: even an administrator runs with a filtered, standard-user token by default and is asked to consent before a task is given the full administrator token. You can read more in my previous MSDN Flash article, User Account Control in Windows Vista.
Internet applications carry specific security risks because they are routinely exposed to untrustworthy content. Internet Explorer 7 on Windows Vista addresses this through its Protected Mode feature, which runs the browser as a low-integrity process: code running inside the browser cannot write to the user's profile, most of the registry or other processes at a higher integrity level, so a successful exploit of the browser is contained.
Protected Mode relies on three technologies that are part of the Windows Vista security model. These are:
User Account Control (UAC), described above, which lets users run Vista as standard users and elevate only when a task genuinely requires administrator privileges.
Mandatory Integrity Control (MIC), which assigns an integrity level (Low, Medium, High or System) to processes and to securable objects such as files and registry keys; by default a process cannot write to an object whose integrity level is higher than its own.
User Interface Privilege Isolation (UIPI), which prevents a lower-integrity process from sending window messages to, or otherwise driving the user interface of, a higher-integrity process.
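The UAC and Protected Mode sections above describe token filtering and integrity labels in the abstract. The following PowerShell script is an added example, not code from the original article or from Microsoft: it checks whether the current process holds a full administrator token, reads the integrity label of its token, and labels a per-user folder Low so that a Protected Mode process can write to it. It assumes PowerShell 2.0 or later on Windows Vista or newer and an English-language Windows (whoami.exe prints the label name localised on other languages); "ContosoHelper" is a hypothetical folder name.

```powershell
# Added example, not code from the original article. Assumes PowerShell 2.0 or
# later on Windows Vista or newer; 'ContosoHelper' is a hypothetical folder name.

# UAC: does this process hold a full administrator token? With UAC on, an
# administrator's normal token is filtered, so this returns $false until the
# process has been elevated through the consent prompt.
function Test-IsElevated {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

# MIC: read the integrity label of the current token. whoami.exe lists it as
# the group 'Mandatory Label\<Low|Medium|High|System> Mandatory Level'.
function Get-IntegrityLevel {
    $pattern = 'Mandatory Label\\(\w+) Mandatory Level'
    $hits = @((whoami.exe /groups) -match $pattern)
    if ($hits.Count -gt 0 -and $hits[0] -match $pattern) {
        return $Matches[1]
    }
    return 'Unknown'
}

# Protected Mode: a Low-integrity process (IE7 in Protected Mode, or a helper
# it launches) can only write to Low-labelled locations. Label a folder Low
# with icacls.exe so such a process can store data there, then verify the label.
function New-LowIntegrityFolder {
    param([string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) {
        New-Item -ItemType Directory -Path $Path | Out-Null
    }
    # (OI)(CI) makes files and subfolders inherit the label; L = Low.
    icacls.exe $Path /setintegritylevel '(OI)(CI)L' | Out-Null
    # icacls.exe prints the mandatory label line only when it is set explicitly.
    $aclText = @(icacls.exe $Path)
    return [bool]($aclText -match 'Low Mandatory Level')
}

# UAC: relaunch a script through the consent prompt for steps that genuinely
# need an administrator token (nothing below needs one).
function Invoke-Elevated {
    param([string]$ScriptPath)
    Start-Process -FilePath powershell.exe -Verb RunAs `
        -ArgumentList ('-ExecutionPolicy Bypass -File "{0}"' -f $ScriptPath)
}

$level = Get-IntegrityLevel
Write-Host ("Elevated: {0}; integrity level: {1}" -f (Test-IsElevated), $level)

# The LocalLow tree (%LOCALAPPDATA%Low) is the Low-labelled per-user location
# that Protected Mode IE itself writes to; create the helper's folder there and
# label it Low so a Low-integrity process can write into it.
$dataDir  = Join-Path ($env:LOCALAPPDATA + 'Low') 'ContosoHelper'
$labelled = New-LowIntegrityFolder -Path $dataDir
Write-Host ("Low-integrity data directory {0}: {1}" -f $dataDir,
    $(if ($labelled) { 'label set' } else { 'label not set' }))
```

Run the script from a normal (unelevated) prompt first and note that Test-IsElevated returns False and the integrity level is Medium even for an administrator account; run it again via Invoke-Elevated and both change. A Medium-integrity installer can prepare the Low-labelled folder, but the data that a Protected Mode process writes there should be treated as untrusted input by any higher-integrity component that later reads it.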
Windows Vista introduces the concept of hardened services: services that run with the least privilege they need and limit their activity to the local machine or to the network resources they actually require. A restricted service runs from the start with minimal privileges and capabilities, rather than starting with everything and giving privileges up later. This significantly reduces the number of services that are capable of doing unlimited damage to a user's machine if they are compromised.
Windows Vista uses four key features to provide hardened services that reduce the potential attack surface:
Running with least privilege, where a service declares the privileges it needs and the Service Control Manager removes every other privilege from its token.
Service Isolation, which gives a service its own security identifier (SID) so that files, registry keys and other resources can be granted to that specific service rather than to the shared account (LocalService, NetworkService or LocalSystem) it runs under.
Restricted Network Access, where Windows Firewall service-hardening rules limit the ports, protocols and directions a service may use on the network.
Session 0 Isolation, which runs all services in session 0, separate from the interactive user sessions, so that a service can no longer display windows on the user's desktop and a user-session process cannot trivially reach a service's windows.
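The four hardening features above are things a developer or installer applies to a service, not just things the platform does on its own. The script below is an added example, not code from the original article or from Microsoft: it configures a service for least privilege, gives it a service SID and ACLs its data directory to that SID, blocks inbound network access to it, and reads back what the Service Control Manager enforces. It assumes an existing service named ContosoAgent (hypothetical) that only needs to read its binaries and write its own data directory, and an elevated (UAC-approved) PowerShell 2.0 or later prompt on Windows Vista or newer.

```powershell
# Added example, not code from the original article. Assumes an existing
# service named ContosoAgent (hypothetical) and an elevated PowerShell 2.0+
# prompt on Windows Vista or newer.

$svc     = 'ContosoAgent'
$dataDir = 'C:\ProgramData\ContosoAgent'

if (-not (Get-Service -Name $svc -ErrorAction SilentlyContinue)) {
    throw "Service '$svc' is not installed"
}

# 1. Least privilege: run as the built-in LocalService account instead of
#    LocalSystem, and declare the only privilege the service needs. The SCM
#    removes every other privilege from the service's token at start-up.
sc.exe config $svc 'obj=' 'NT AUTHORITY\LocalService' | Out-Null
sc.exe privs  $svc SeChangeNotifyPrivilege            | Out-Null

# 2. Service isolation: give the service its own SID (NT SERVICE\ContosoAgent)
#    so its data directory can be ACLed to this one service, not to every
#    process that happens to run as LocalService.
sc.exe sidtype $svc unrestricted | Out-Null
if (-not (Test-Path -LiteralPath $dataDir)) {
    New-Item -ItemType Directory -Path $dataDir | Out-Null
}
icacls.exe $dataDir /inheritance:r `
    /grant "NT SERVICE\${svc}:(OI)(CI)M" `
           'BUILTIN\Administrators:(OI)(CI)F' `
           'NT AUTHORITY\SYSTEM:(OI)(CI)F' | Out-Null

# 3. Restricted network access: this service talks only to local components,
#    so block every inbound connection to it regardless of port.
netsh.exe advfirewall firewall add rule name="${svc}-NoInbound" `
    dir=in action=block service=$svc | Out-Null

# 4. Session 0 isolation is not configurable: the service runs in session 0
#    with no interactive desktop, so it must never call MessageBox or create
#    windows; notify users from a separate process running in their session.

# Read back what the SCM now enforces for the service.
function Get-ServiceHardening {
    param([string]$Name)
    $privText = (sc.exe qprivs   $Name) -join ' '
    $sidText  = (sc.exe qsidtype $Name) -join ' '
    $sidType  = 'Unknown'
    if ($sidText -match 'SERVICE_SID_TYPE:\s*(\w+)') { $sidType = $Matches[1] }
    $privs = @([regex]::Matches($privText, 'Se\w+Privilege') |
               ForEach-Object { $_.Value })
    return New-Object PSObject -Property @{
        Name       = $Name
        SidType    = $sidType
        Privileges = $privs
    }
}

Get-ServiceHardening -Name $svc | Format-List
```

After the script runs, Get-ServiceHardening should report SidType UNRESTRICTED and a single privilege, SeChangeNotifyPrivilege; restart the service for the new account, privileges and SID to take effect. Choose the privilege list from what the service code actually calls (for example SeImpersonatePrivilege only if it impersonates clients), because a privilege that is declared but unused is exactly the kind of excess capability this feature exists to remove.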
BitLocker Drive Encryption is a data protection feature of Vista (Enterprise and Ultimate editions) that can use a Trusted Platform Module (TPM) to help protect the data on a PC when the machine is in unauthorized hands. The entire Windows volume is encrypted, so an attacker who boots another operating system or moves the disk to another machine cannot read the data on it. Note that BitLocker protects data at rest only: once Windows has booted and a user has logged on, applications, and any malware running in that session, see the volume in the clear.
Network Access Protection (NAP) is an extensible platform that provides a set of components and an API for Windows Server "Longhorn" (released as Windows Server 2008) and Windows Vista. Administrators and developers can use NAP to build a custom solution for validating the health of computers that connect to their private networks, supplying updates where necessary or restricting the access of computers that do not meet the health requirements.
Windows Vista takes several significant steps in the ongoing security battle. Administrators can make use of features such as User Account Control, Network Access Protection and Internet Explorer Protected Mode to benefit from the improved security they provide. As a developer, you must ensure that your applications function as expected in the face of these features: that they run correctly as a standard user, write only to locations that the process's integrity level permits, and do not rely on a service being able to interact with the user's desktop.
Useful Resource: Microsoft Application Security Website