How Windows Vista Helps Protect Computers From Malware
How Windows Vista Mitigates Malware
Published: September 6, 2006
If malware circumvents the many Windows Vista preventative security measures, Windows Vista still provides many technologies designed to limit the damage caused by malware, including:
- Prevent persistent installation. Even if malware is able to launch itself as a process on a computer, it must make system configuration changes to ensure it starts again after the computer is rebooted. When the malware process is run by a user, Windows Vista makes it much more difficult for malware to persist between reboots by requesting user confirmation before adding a new startup process. When the malware process is run by a service, Windows Service Hardening might be able to prevent the malware from creating a persistent installation.
- Limit spread across a network. Worms, one of the most virulent forms of malware, often spread quickly by infecting other computers across a network. Windows Service Hardening can help block some worms from spreading across the network even after a computer is infected. This feature can reduce the rate of infection on an internal network, giving the IT department the opportunity to identify and remove the worm before more computers are compromised.
- Discover and remove. Developers are constantly creating new malware, and it is impossible to prevent all malware installations. Windows Defender enables users to detect and remove many types of malware that would otherwise be very difficult to uninstall. Windows Defender automatically runs nightly to notify users of new infections. In addition, Microsoft regularly updates the Malicious Software Removal Tool to enable users to remove the most widespread worms and viruses.
All these features are enabled by default in Windows Vista. To help ensure users don’t accidentally disable key security features, the Windows Security Center constantly monitors important security settings and notifies the user of potential security weaknesses. In enterprise environments, the IT department can manage the security configuration centrally with Group Policy settings.
Microsoft recognizes that malware threatens the reliability of computers and the privacy of users. Malware, which can include viruses, worms, spyware, and other potentially unwanted software, is undesired software that performs unwanted actions without the user’s consent. Windows Vista includes many new features that make it far more resistant to malware infections.
UAC offers the benefits of using a Standard user account without the drawbacks users experienced in Windows XP. Protected Mode Internet Explorer, along with other Internet Explorer improvements, reduces the risk of malware infecting a computer through a Web site. Windows Defender integrates spyware prevention, detection, and removal of potentially unwanted software. Windows Service Hardening reduces the damage malware can do in the event a vulnerable service is compromised. Finally, the Windows Security Center provides a centralized console to identify whether a computer is taking advantage of important Windows Vista security features.
Combined, these features provide defense-in-depth with multiple layers of protection. Windows Vista includes both preventative countermeasures to stop malware before it can run and reactive countermeasures that limit the damage malware can do if it is successfully run.
Ultimately, with Windows Vista, malware will be less of a problem for both consumers and IT departments.