There is more to Windows Vista than meets the eye. And the evolution of the operating system is by no means confined to the surface, as the foundation of the user experience stretches deep inside the architecture of the operating system. Michael Howard and Matt Thomlinson from Microsoft have published a document focused on the unseen trances of the operating system.

Claiming that Windows Vista brings nothing new to the table in comparison with Windows XP is nothing more than adopting an ignorant position. Windows Vista ISV Security, authored by security expert Michael Howard and Director of Security Engineering at Microsoft Matt Thomlinson, is meant to illustrate some of the buffer overrun defenses that Microsoft has set up for Windows Vista.

Windows Vista features a collection of buffer overrun defenses that are ultimately designed to provide security barriers against exploits. The Windows Vista ISV Security paper contains an insight on both the security measures implemented into the core of the operating system as well as on those delivered by the Microsoft Visual C++ compiler. /GS Stack buffer overrun detection, /SafeSEH exception handling protection, no eXecute (NX) / Data Execution Prevention (DEP) / eXecute Disable (XD), together with address space layout randomization (ASLR), heap randomization, stack randomization and heap corruption detection are all integer parts of the security mechanism in Vista.

"Windows Vista offers numerous defensive enhancements designed to protect customers from malware. Applications that run on the platform should take full advantage of these defenses as the defenses are essentially free and could transform a coding error from a serious vulnerability into a crashing bug. In the case of Internet Explorer, some of the Windows Vista defenses only come into play when all components consumed by the browser support the defenses," reads the introductory part of the Windows Vista ISV Security.