One of Microsoft's primary goals for Windows Vista was to make it more secure than previous versions of Windows, so not surprisingly, Microsoft made many changes and additions in the name of security. For example, Windows Vista includes a two-way firewall, built-in antispyware, hardware-based encryption, Parental Control features, antiphishing tools, a pop-up killer, and User Account Control (UAC), which forces you to confront pop-up warnings before you take certain actions.
This chapter covers these changes and more. But Microsoft has done at least as much work under the hood to make sure Windows Vista is as secure as possible. You won't see these changes, because they take place without you having to take any action, and there's no way for you to turn them off or customize them. Here are some of the new built-in security features you don't see, but that protect you every time you use your PC:
Windows Service Hardening
This prevents malicious software from doing damage by stopping abnormal activity from taking place in the filesystem, Registry, and network to which the PC is attached.
Network Access Protection (NAP)
This stops an infected computer from making a connection to a network so that it cannot spread its infection to other computers.
File and Registry virtualization
In some instances, Windows Vista creates virtual folders and Registry keys so that when changes are made or new software is installed, changes are not made to the actual system but instead are made first to these virtual areas for safety purposes.
For the changes that you can seeand can do something aboutperuse this chapter. Here is an alphabetical reference of entries in this chapter:
BitLocker Drive Encryption
User Account Control
Virtual Private Network Connection
Encrypting File System (EFS)
Internet Explorer Protected Mode
Local Security Policy
Security Control Panel Category
NTFS Encryption Utility
Security File and Folder Properties
Windows Update Standalone Installer