Expect the marketing of Windows Vista as the most secure platform to date to continue after the release of the first service pack for the operating system, as Microsoft is hard at work bulletproofing the platform. With the exception of the extensive alterations that will be introduced to the default Windows Desktop Search mechanism in order to welcome third party applications, the Vista security infrastructure will suffer the most complex overhauling. Still, almost nothing will reverberate to the surface of the operating system. With little exception, all the upgrades to be introduced to Vista following SP1 will take the form of an under the hood tune-up.

Microsoft promised that it will deliver enhancements to the overall administration experience, and that Windows BitLocker Drive Encryption will be impacted by the changes. Without a doubt, for corporate customers that need to protect the confidentiality of sensitive data, the BitLocker upgrades for Vista Enterprise and Ultimate are the most prominent security enhancements in SP1. Via the BitLocker control panel, Microsoft will make possible the configuration of drive encryption for multiple disk volumes in addition to the main partition where Vista is installed.

Moreover, "enhances to BitLocker Drive Encryption (BDE) will offer an additional multifactor authentication method that combines a key protected by the Trusted Platform Module (TPM) with a Startup key stored on a USB storage device and a user-generated personal identification number (PIN)," revealed Microsoft's Brandon LeBlanc.

Microsoft will also make all the security updates released through the Windows Update infrastructure in the monthly patch cycle program, an integer part of the operating system's fabric with SP1, as well as deliver all the hotfixes available for specific issues. Jon DeVaan, senior vice president of the Windows Core Operating System division at Microsoft promised that Vista SP1 will feature changes at the level of code in order to completely eliminate patterns that in the past have led to security vulnerabilities.

Windows Vista SP1 also "includes application programming interfaces (APIs) by which third-party security and malicious software detection applications can work with kernel patch protection on x64 versions of Windows Vista. These APIs help ISVs develop software that extends the functionality of the Windows kernel on x64 computers without disabling or weakening the protection offered by kernel patch protection," LeBlanc added.

Windows Security Center will also be modified and trained in order to make it play well with others, and especially third party security solutions. Windows Security Center is designed to centralize the status of security settings and services across the operating system. The first service pack will deliver superior integration and interoperability, and it will also turn the Windows Security Center into a watchdog for applications deployed on the operating system. Currently, Microsoft is in the process of releasing the Windows Vista SP1 Beta to 10,000 to 15,000 MSDN and TechNet subscribers. The final version of the refresh is scheduled for the first quarter of 2008.