Windows IT Pro UPDATE--Hacking Windows Vista

----------------| Windows IT Pro UPDATE |----------------

In This Issue
* Hacking Windows Vista
* From Windows IT Pro: System Center Product Roadmap
* From the Community: A Dozen Microsoft Security Patches for August
* Add Motion, Smoke, and Water Sensors to Your Environment



***Commentary: Hacking Windows Vista
by Paul Thurrott, News Editor

I have to give Microsoft some credit: Last week, the company invited hackers at the Black Hat USA 2006 security conference in Las Vegas to hack into Windows Vista after giving them a tour of the upcoming OS's new security features. Hackers at the show came away impressed with both Microsoft's candor and some of the new security features, although many of them added that the improvements were long overdue. But the real news from the show is that Vista was actually successfully hacked the very day that Microsoft made its Black Hat presentation. And that news has to have Microsoft's customers worried.

Sure, Vista's still in beta, but we're in the release candidate (RC) phase of development now and that supposedly means that the next potential Vista milestone is a build of the product that Microsoft considers a candidate for the final release version. (Reality update: In a bit of name bending, the Vista RC1, still expected this month, will have more in common with a beta release than the final shipping version.)

Here's the thing. Vista is feature complete and has been since early this year. Microsoft will no doubt change Vista's security features to prevent the kind of hack that was demonstrated during Black Hat (in which a Polish security researcher used virtualization technologies to bypass Vista's security). But this is exactly the kind of reactive security measure that Microsoft's newly minted and much-ballyhooed security code review was supposed to prevent. It's not hard to imagine other security flaws being exposed after Vista is finalized. What happens then? A monthly deluge of security updates, just as happened with Windows XP.

Joanna Rutkowska, the researcher who demonstrated how to bypass Vista's security, made an interesting comment that pretty much sums up my expectations. "The fact that this mechanism was bypassed does not mean that Vista is completely insecure," she said. "It's just not as secure as advertised. [But] it's very difficult to implement a 100 percent-efficient kernel protection." In other words, Vista will be more secure than XP, but will still face security problems. Thus, the status quo is likely to continue. That's a bad sign.

Rutkowska calls her hack Blue Pill, and it uses AMD's Pacifica virtualization technologies, plus a bit of user interaction--bypassing User Account Protection (UAP) by pressing the Accept button in a dialog box--to pull off its magic. Some people might argue that such a complex series of steps speaks well of Vista's security. But in my experience, most of the best hacks are bootstrapped by user error. Humans are pretty much the weakest link in the security chain. It's no wonder, when you think about it, that many of Vista's security features--such as Microsoft Internet Explorer 7 Protected Mode, UAC, and Address Space Layout Randomization (ASLR)--are ultimately designed to help protect us from ourselves.

Security aside, Vista is nowhere near the shape it needs to be in at this stage in the game. Thus, I'm recommending that Microsoft hold off on releasing Vista until the product is really ready rather than releasing it in October to meet an arbitrary release to manufacturing (RTM) date. Microsoft, you can always grandfather in Software Assurance (SA) customers who were counting on getting Vista licenses this year. Do the right thing.

I've also written a tongue-in-cheek overview of my feelings about the readiness of Vista in an article called "Is Windows Vista Ready?" You can find it on the SuperSite for Windows.




***From Windows IT Pro: System Center Product Roadmap

The System Center family of products includes Microsoft Operations Manager (MOM) 2005, Systems Management Server (SMS) 2003, Windows Server Update Services (WSUS), and Data Protection Manager (DPM). Follow along as Karen Forster explores the road map for the upcoming and existing management products and forthcoming versions of the existing products.

***From the Community: A Dozen Microsoft Security Patches for August
Microsoft will release a dozen security patches today. Read more about them in the most recent post to the Security Matters blog at

------ Have a question? Got answers? Join your peers in the Windows IT discussion forums:
Current Threads:
Windows: Genuine Advantage and Product Activation
Laptops Stolen
I Need Help Installing Windows XP Professional

------ Tell us what you think in this month's Instant Poll:
What is your primary method of rolling out service packs?
a. Software Update Services (SUS) by itself
b. Systems Management Server (SMS) or SMS with SUS
c. Scripts and/or Group Policy
d. Windows Automatic Updates
e. Third-party tools



New and Improved
by Blake Eno

Add Motion, Smoke, and Water Sensors to Your Environment
NETIKUS.NET announced updates to EventSentry, its event log, system health, and network monitoring solution. EventSentry lets you view and integrate Nessus data into the open-source Web-reporting system. The product now offers support for motion, smoke, and water sensors in addition to the existing temperature sensors. Additional upgrades include shutdown and service control notifications, dashboard improvements, filter timer creation, and Web-based tutorials. A 30-day trial is available and pricing starts at $69. For more information, contact NETIKUS.NET at 312-624-7698 or 877-638-4587.

WANTED: Your reviews of products that you've tested and used in production. Share your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.


Events and Resources:

Windows Connections Conference
Now in its seventh year, Windows Connections returns November 6-9, at Mandalay Bay in Las Vegas. Don't miss your chance to interact with industry experts and hear the latest information on Windows Server 2003, Windows 2000 Server, and Windows XP Professional! Register and attend sessions at Microsoft Exchange Connections FREE!

Gear up for TechX World Roadshow
Hear first-hand from today's leading interoperability experts, vendors, and peers at this exclusive one-day event. You'll learn about managing OS interoperability, directory migration, data interoperability, and much more. Register for the early-bird special of $129 by August 31!

Learn all you need to know about code-signing technology, including the goals and benefits of code signing, how code signing works, and the underlying cryptographic and security concepts and building blocks.

Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today!

When your systems go down, your users' productivity grinds to a halt. User downtime is one of the fastest growing concerns among businesses. This free Web seminar teaches you how to keep your users continuously connected and your business up and running. Live event: Thursday, August 24





This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today!


View the Windows IT Pro Privacy policy at

Windows IT Pro is a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All Rights Reserved.

TAGS: Security