Microsoft tweaks Windows Vista security

By

Software developer makes under the hood changes between RC1 and RC2 releases.


Microsoft has tweaked the security settings of its forthcoming Windows Vista operating system, vnunet.com has learnt.

The software vendor in the latest Release Candidate 2 version of the operating system has disabled some security features while others that were previously switched off have been activated, Marc Maiffret, chief technology officer for security vendor eEye told vnunet.com.

The security features are designed to prevent buffer overflow attacks.

A buffer overflow is triggered when an attacker attempts to store data beyond the boundaries of a fixed length buffer. It can result in an application crash or, in some cases, allow an attacker to take control of a system.

Security settings that are too stringent, however, can prevent existing applications from functioning. Microsoft has designed numerous technologies that are all put in Windows Vista. Activating different combinations allows the software developer to strike a balance between the optimal level of security and application compatibility.

"Even in final version they will have variations [from the current RC2 version]," said Maiffret. "They will change how it's configured by default and how the different layers are going to be enabled by default."

Stringent buffer overflow protections impact applications that use memory in non-standard ways. Some games for instance are designed to execute video buffering to get better graphics performance.

The changes are noticeable because Microsoft typically does not make any large adjustments to its software after the Release Candidate 1. Changes to the software can lead to compatibility issues with third-party applications and hardware devices.

Windows Vista will be made available to PC manufacturers and large enterprises this November. The software's consumer launch is scheduled for January 2007.

A spokesperson for Microsoft stressed that the changes do not impact end users. The company did not follow up on a promise to provide further information on the security changes in RC2.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
microsoftsecuritytweaksvistawindows

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?