What are the security goodies coming in Vista SP1?

This white paper from Microsoft, spells out the security goodies being fitted into this Vista refresh:

• Provides security software vendors a more secure way to communicate with Windows Security Center.
• Includes application programming interfaces (APIs) by which third-party security and malicious software detection applications can work with kernel patch protection on x64 versions of Windows Vista. These APIs help ISVs develop software that extends the functionality of the Windows kernel on x64 computers without disabling or weakening the protection offered by kernel patch protection.
• Improves the security of running RemoteApp programs and desktops by allowing Remote Desktop Protocol (RDP) files to be signed. Customers can differentiate user experiences based on publisher identity.
• Adds an Elliptical Curve Cryptography (ECC) pseudo-random number generator (PRNG) to the list of available PRNGs in Windows Vista.
• Enhances BitLocker Drive Encryption (BDE) to offer an additional multifactor authentication method that combines a key protected by the Trusted Platform Module (TPM) with a Startup key stored on a USB storage device and a user-generated personal identification number (PIN).

It's also likely (but not confirmed) that several known Vista vulnerabilities/weaknesses will be addressed in this service pack.

[ SEE: Vista voice exploit - cry wolf? ]

For example, this low-risk information disclosure hole is still unpatched, as is the Vista voice exploit discovered earlier this year.

According to the National Vulnerability Database, there are quite a few issues affecting Vista that hasn't been fully addressed by Microsoft.

Then there's the controversial User Account Control (UAC) design flaw that just might get some attention in this service pack.