Microsoft reveals Vista security plans

The software giant plans to put an increased emphasis in Vista on whitelisting, DRM additions and authenticating code
Written by Tom Espiner, Contributor

Speaking at the RSA Conference in San Francisco on Wednesday, Microsoft's director of program management for Windows security, David Cross, said there would be an increased emphasis in Vista on whitelisting, a technique which allows only a specific list of programs to run on a system.

"Whitelisting complements signature detection and allows people to build improved systems-management tools," said Cross.

Microsoft will devote funds to hardening the Vista platform and will develop kernel mode extensions. More money will also be spent on User Account Control (UAC) and authenticating code via a process called "code signing", added Cross. 

"We'll see code-signing support added to more scenarios, like UAC, and that enforcement will extend over time," said Cross.

Technical protection measure attestation, a way of enforcing copyright, will also be added to Vista digital-rights management. 

Editorial standards