Via virtualization

Sep 10, 2007 19:08 GMT

There is an ultimate security solution for Windows Vista, and it involves not so much the deployment of antivirus products as running a special configuration designed to add an extra layer of protection between the client operating system and the outside world, accessible via an Internet connection. Users of Windows Vista Business, Enterprise and Ultimate could install a virtual machine inside a hardware-emulating technology running on the copy of Vista installed directly on the hardware. If the virtual machine is run with limited, standard user privileges, the guest operating system will have restricted access to the host platform through the virtualization software.

Additionally, users should treat the virtualized copy of Windows Vista like the host operating system and install security solutions in both. A potential attack from the Internet, via a malicious website or a malformed email, would then have to get through all the protections of the virtualized copy of Windows Vista, through IE7 running in Protected Mode, through UAC and the third-party security solution, just to find itself confined to a virtual machine. And the guest operating system inside the VM can be effortlessly reverted to a former state, scrapping all the impact delivered by the malware or exploit.

"A way to add a layer between your computer and the internet is to access the internet via a purpose-built Virtual Machine. Makes of virtualization software include Microsoft Virtual PC, VMware, qemu and others. Using a Virtual Machine will allow you to install operating systems that run as applications on your existing computer. Virtual machines are resource intensive and are not recommended for older computers but one of their greatest strengths is that they can be reverted to a known state with just a couple of clicks, thereby deleting any malware that might have gotten through your defenses," revealed a member of the Sophos Lab.

Basically, a piece of malicious code would have to get completely through a copy of Vista, and through the limitations associated with an operating system running inside a virtual machine with standard user privileges, just to reach the primary operating system. Still, this is not a foolproof scenario, because malware authors have produced malicious code that will detect a virtual machine and go straight for the host.

"Be aware though, that if malware does start running in your virtual machine, it may achieve its purpose (e.g., a keylogger may still harvest your keystrokes). However, a virtual machine can be set up to revert to the last snapshot when you reboot it. At this point any malware will be deleted. Using a virtual machine will not necessarily protect you from all threats, as some malware knows how to detect that it's running in a virtual machine and may be able to infect the host," the Sophos Lab security expert added.
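
The two conditions the article relies on, a VM started with standard user privileges and a guest that returns to a known state, can be enforced by a small launcher; the following is an added example, not code from the article or from Sophos. It assumes qemu (one of the products named above) on a host with a POSIX shell rather than the Vista host the article describes, and the function names and image path are hypothetical.

```shell
#!/bin/sh
# Added example (not from the article): disposable QEMU guest launcher.
# Function names and the image path are hypothetical.

# Emit QEMU arguments, one per line, for a guest whose disk writes are discarded.
# $1 = caller's uid, $2 = guest disk image, $3 = guest memory in MiB (default 2048)
build_vm_args() {
    uid=$1 image=$2 mem=${3:-2048}
    # The article's first condition: the VM runs with standard user privileges.
    if [ "$uid" -eq 0 ]; then
        echo "refusing to start the VM as root" >&2
        return 1
    fi
    # A comma would be parsed as an option separator inside -drive.
    case $image in
        ''|*,*) echo "unusable image path" >&2; return 2 ;;
    esac
    case $mem in
        ''|*[!0-9]*) echo "memory must be a number of MiB" >&2; return 2 ;;
    esac
    # -snapshot: guest writes go to a temporary file, so once the QEMU
    # process exits the guest is back at the known state stored in the image.
    # -nic user: user-mode NAT, needs no elevated rights on the host.
    printf '%s\n' -m "$mem" -snapshot \
        -drive "file=$image,format=qcow2,if=ide" -nic user
}

# Start the guest as the current user. Usage: launch_disposable_vm vista.qcow2
launch_disposable_vm() {
    image=$1
    [ -f "$image" ] || { echo "no such image: $image" >&2; return 3; }
    args=$(build_vm_args "$(id -u)" "$image" "${2:-2048}") || return $?
    # Split on newlines only, so paths containing spaces stay one argument.
    old_ifs=$IFS
    IFS='
'
    set -f; set -- $args; set +f
    IFS=$old_ifs
    exec qemu-system-x86_64 "$@"
}
```

Discarding writes only undoes changes to the guest disk; as the quote above notes, anything the malware captured or sent while the guest was running is not undone.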