Windows security information for IT Pros

This white paper provides information about the communication that flows between features in Windows Vista and sites on the Internet, and describes steps to take to limit, control, or prevent that communication in an organization with many users.

The Microsoft Windows Malicious Software Removal Tool checks computers running Windows® XP, Windows Vista, Windows® 2000, and Windows Server® 2003 for infections by specific, prevalent malicious software and helps remove any infection found.

The Network Access Protection (NAP) platform is a computer health policy enforcement technology that provides system health validated access to private networks. It provides an integrated way of detecting the health state of a network client that is attempting to connect to or communicate on a network and isolating that network client until the health requirements have been met.

User Account Control (UAC) reduces the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malicious software that has infected their computer.

Windows Defender is a free program for small businesses and home use that helps protect computers against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.

This roadmap contains links to getting started content, diagnostic and troubleshooting tools, and introduction to Server and Domain Isolation.

The Windows Server 2003 TechCenter contains information about administering Windows Server Update Services (WSUS) for Windows Vista.

The Windows Server 2003 TechCenter contains information pertinent to administering Group Policy for Windows Vista.

Microsoft Baseline Security Analyzer (MBSA) is a tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. MBSA detects common security misconfigurations and missing security updates on your computer systems.

Seventeen new security settings have been created for Windows Vista and are described in this topic. For security policy settings in Windows Server 2003, see Security Policy Settings on the TechCenter Web site.

With software restriction policies, administrators can help protect their computing environment from untrusted software by identifying and specifying which software is allowed to run. Two improvements have been made to software restriction policies for Windows Vista.

WMI contains many new features and additional help in Windows Vista, including User Account Control scripting information, IPv6 and IPv4 support, security auditing of WMI namespaces, and new provider hosting models.

For a listing and links to the new security features in Windows Vista, see What's New in WMI.

Drive encryption protects data by preventing unauthorized users from breaking Windows file and system protection on lost or stolen computers. This protection is achieved by encrypting the entire Windows volume. With BitLocker all user and system files are encrypted including the swap and hibernation files.

Security identifiers (SIDs) are numeric values that identify a user or group. For each access control entry (ACE), there is a SID that identifies the user or group for whom access is allowed, denied, or audited. OwnerRights is the new SID for Windows Vista.

For information about other well-known SIDs, see How Security Identifiers Work.

Trusted Platform Module (TPM) Services is a new feature set in Windows Vista and Windows Server® 2008 that is used to administer the TPM security hardware in a computer.

Microsoft Windows Rights Management Services for Windows Server 2003 is a security technology that works with applications to help safeguard digital content for organizations that need to protect sensitive Web content, documents, and e-mail.

The Windows Vista Security Guide provides instructions and recommendations to help strengthen the security of desktop and laptop computers running Windows Vista in a domain with the Active Directory directory service.

The guide includes tools, step-by-step procedures, recommendations, and processes that significantly streamline the deployment process. It also provides a reproducible method that you can use to apply the guidance to both test and production environments.

Stay updated on the latest security developments by participating in the Windows Vista Security blog on MSDN.

The Windows Server 2003 Security Guide provides specific recommendations about how to harden computers that run Windows Server 2003 with Service Pack 1 (SP1) in enterprise environments.

The Threats and Countermeasures guide is a reference to all security settings that provide countermeasures for specific threats against current versions of the Windows operating systems.

Understand the impact that the security changes in Windows Vista may have on existing solutions and the opportunities that exist to build a new generation of secure solutions for Windows.