14 DAY TRIAL // While there has not been a single security feature addition to Windows Vista that managed to escape criticism, the fact of the matter is that Microsoft has a different perspective on security. For the Redmond Company, Windows Vista's security features are just a part of the defense-in-depth approach to the operating system's protection.
"With Windows Vista, we're taking a defense-in-depth approach to helping protect users from malware, which includes features such as User Account Control, Windows Service Hardening, ASLR and Kernel Patch Protection (aka PatchGuard). Additional technologies such as IE protected mode provide a safer browsing experience, and Windows Defender helps protect against spyware that might later try to download spyware, such as a rootkit, to a user's machine," revealed Stephen Toulouse, senior program manager for the Trustworthy Computing Group.
In the end, all the security features are multiple layers of protection against malicious code. Features such as the User Account Control, Protect Mode and Kernel Patch Protection are an integer part of the Windows Vista defense-in-depth.
A recent subject of the controversy targeting Windows Vista was focused on the User Account Control, and the fact that the feature is not designed to provide security boundaries. Toulouse provided additional insight on Microsoft's strategy for the UAC.
"User Account Control (UAC) makes it much easier and much more convenient for a user to run under a restricted user account. In previous versions of Windows, everyone was running as administrator, which of course could allow a malicious piece of software installed through social engineering to take any action it wanted to on the system. UAC is designed to help move the industry down to running with lower privileges on the operating system, and through elevation prompts, elevate only as needed and then drop back down," he explained.