Security and safety features new to Windows Vista

Beginning in early 2002 with Microsoft's announcement of its Trustworthy Computing initiative, a great deal of work has gone into making Windows Vista a more secure operating system than its predecessors.

Some specific areas where Windows Vista introduces new security and safety mechanisms include User Account Control, parental controls, Network Access Protection, a built-in anti-malware tool, and new digital content protection mechanisms.

If the user chooses to allow, the process initiating the action is elevated to a higher privilege context to continue.

UAC asks for credentials in a Secure Desktop mode, where the entire screen is faded out and temporarily disabled, to present only the elevation UI.

Applications written with the assumption that the user will be running with administrator privileges experienced problems in earlier versions of Windows when run from limited user accounts, often because they attempted to write to machine-wide or system directories (such as Program Files) or registry keys (notably HKLM).[2] UAC attempts to alleviate this using File and Registry Virtualization, which redirects writes (and subsequent reads) to a per-user location within the user's profile.

It ensures that the computer running Windows Vista starts in a known-good state, and it also protects data from unauthorized access.

The EFS encryption key cache can be cleared when a user locks his workstation or after a certain time limit.

The rekeying wizard can also be used to migrate users in existing installations from software certificates to smart cards.

Windows Defender also includes the ability to remove ActiveX applications that are installed and block startup programs.

It also incorporates the SpyNet network, which allows users to communicate with Microsoft, submit what they consider to be spyware, and check which applications are acceptable.

Windows Vista includes a range of parental controls for administrators to monitor and restrict computer activity of standard user accounts that are not part of a domain; User Account Control enforces administrative restrictions.

Features include: Windows Vista Web Filter—implemented as a Winsock LSP filter to function across all Web browsers—which prohibits access to websites based on categories of content or specific addresses (with an option to block all file downloads); Time Limits, which prevents standard users from logging in during a date or time specified by an administrator (and which locks restricted accounts that are already logged in during such times); Game Restrictions, which allows administrators to block games based on names, contents, or ratings defined by a video game content rating system such as the Entertainment Software Rating Board (ESRB), with content restrictions taking precedence over rating restrictions (e.g., Everyone 10+ (E10+) games may be permitted to run in general, but E10+ games with mild language will still be blocked if mild language itself is blocked); Application Restrictions, which uses application whitelists for specific applications; and Activity Reports, which monitors and records activities of restricted standard user accounts.

Windows Parental Controls includes an extensible set of options, with application programming interfaces (APIs) for developers to replace bundled features with their own.

The Portable Executable format has been updated to support embedding exception handler addresses in the header.

Function pointers are obfuscated by XOR-ing with a random number, so that the actual address pointed to is hard to retrieve.
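The XOR obfuscation described above, shown as an added C example (not Windows code and not from the original page). All function and variable names are hypothetical, the cookie value is a constructed constant rather than a random number, and the registered-handler comparison in `dispatch` is an extra check added here so a corrupted slot is reported rather than called.

```c
#include <stdint.h>
#include <stdio.h>

typedef int (*handler_t)(int);

static uintptr_t g_cookie; /* per-process secret (hypothetical name) */
static uintptr_t g_slot;   /* stored callback: only the encoded form lives here */

/* Seed the secret; a real runtime draws it from the OS RNG at process start. */
void set_cookie(uintptr_t c) { g_cookie = c; }

uintptr_t encode_ptr(handler_t fn) { return (uintptr_t)fn ^ g_cookie; }
handler_t decode_ptr(uintptr_t enc) { return (handler_t)(enc ^ g_cookie); }

int real_handler(int x) { return x + 1; }
int other_function(int x) { return -x; } /* stands in for an unintended target */

void install(handler_t fn) { g_slot = encode_ptr(fn); }

/* Decode the slot, then call it only if it is the handler we registered.
 * Sets *ok to 1 on a normal call and to 0 when the slot no longer decodes
 * to the registered handler (for example after memory corruption). */
int dispatch(int x, int *ok) {
    handler_t fn = decode_ptr(g_slot);
    *ok = (fn == real_handler);
    return *ok ? fn(x) : 0;
}

int main(void) {
    int ok, r;
    set_cookie((uintptr_t)0x5A17C0DEu); /* constructed value, not random */
    install(real_handler);
    printf("raw=%#lx stored=%#lx\n",
           (unsigned long)(uintptr_t)real_handler, (unsigned long)g_slot);
    r = dispatch(41, &ok);
    printf("dispatch(41)=%d ok=%d\n", r, ok);

    /* Simulated corruption: the slot is overwritten with a raw address.
     * Decoding XORs it with the cookie, so it no longer names that function. */
    g_slot = (uintptr_t)other_function;
    r = dispatch(41, &ok);
    printf("after overwrite: ok=%d\n", ok);
    return 0;
}
```

The stored value never equals the real address, so a write that plants a raw address decodes to something else unless the writer also knows the cookie.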

When a stack overflow in Windows Vista binaries is detected, the process is killed so that it cannot be used to carry on the exploit.

Windows Vista offers full support for the NX (No-Execute) feature of modern processors.

This feature, present as NX (EVP) in AMD's AMD64 processors and as XD (EDB) in Intel's processors, can flag certain parts of memory as containing data instead of executable code, which prevents overflow errors from resulting in arbitrary code execution.

Therefore, DEP is not enforced for all applications by default in 32-bit versions of Windows and is only turned on for critical system components.

This is intended to help mitigate a class of exploits of the Windows message-passing system, known as Shatter attacks.

Windows Vista also hardens the named pipes used by RPC servers to prevent other processes from being able to hijack them.

Combined with supporting hardware, Credential Providers can extend the operating system to enable users to log on through biometric devices (fingerprint, retinal, or voice recognition), passwords, PINs and smart card certificates, or any custom authentication package and schema third-party developers wish to create.

Enterprises may develop, deploy, and optionally enforce custom authentication mechanisms for all domain users.

Credential Providers may be designed to support Single sign-on (SSO), authenticating users to a secure network access point (leveraging RADIUS and other technologies) as well as machine logon.

NAP can also optionally use a Remediation Server to provide software updates to a non-compliant computer, so that it can upgrade itself to the level required to access the network.

[Figure: Parental Controls in Windows Vista, showing the features available to restrict the standard user account "Danielle"]