Windows Vista Security: A year later

[heatlesssun]

Maybe I’m in the minority, but I’m a very happy Windows Vista camper. I did some casual beta testing, but took my official plunge last November when I installed Vista Ultimate on my Toshiba Core Duo tablet pc. My only real problem with Vista has been drivers, or lack thereof.

Now a year later, that’s all but straightened out except for a couple of Bluetooth USB transceivers. Never had a big need for them but I do need to look into that again.

I digress. What I’m really curious about is what people are thinking about Vista security. It’s been a little funny. When Vista first came out, everyone was shouting about how much of a pain in the ass UAC, but to be honest, I never thought so. And every day there’s some story about how slow or broken Vista is, but what I find strange is that stories of malware seem almost non-existent.

I don’t run an active virus scanner. I’ll scan software that I don’t trust with manually with a free scanner and do a full machine scan once a month. I do run Windows Defender, keep my machines patched, use DEP, use Windows firewall along with my routers firewall, and I don’t open attachments from untrusted sources. Actually, this is almost the same security practice I use with XP and I never had a single problem. Under XP, I used to use Firefox to browse less “reputable” sites. I however don’t really think about with Vista, I actually feel that IE in protected mode might actually be better overall than Firefox, but at any rate, no problems, even on less reputable sites.

So what is the real state of Vista security? Is it pretty solid like I think or is it Swiss cheese sandwich?

 

[RangerSVT]

You're going to be surprised by the amount of people that might come in to say "Vista is the ultra security hole, it is the suck and should be the banned".

I however agree with you, I'm thinking of simply uninstalling Spybot S&D and SuperAntiSpyware. I've had this Vista install for 4 months now and have not gotten any form of adware or malware from any internet site I visit. so I see no reason to keep them running on my machine.

 

[DrDoU]

have used vista for about 5 months and have had no security issues.use the wimdows firewall and have had no breaches.also use windows live onecare.

 

[Catweazle]

I'm thinking of simply uninstalling Spybot S&D and SuperAntiSpyware.

I never installed (see note) such software, right from the outset. I've been running Vista as my primary, everyday working platform since the first day of retail release. It is not only still 'clean' but it has never had a malware intrusion get through the defences of:

• Protected mode IE7
• Windows Defender
• Windows Firewall
• The NAT protection of the ADSL modem/router
• A freeware AV program

.

(Note: I have, from time to time, installed other and supposedly more stringent scanning tools on the machine, to test for the presence of 'intruders' my setup may not have detected. )


It's not a circumstance of my having not visited websites which would infect my machine, either. I have intentionally thrown the machine through every nefarious backwater of the internet I could find. I want to be confident in what I'm saying to people!

To the 'default' defences of the machine have been added a rigid 'principle of use':

Do not agree to the installation of anything as a result of prompts a web page produces unless:

• It is a prompt from a major and reputable software company.
• It is a prompt from a major and reputable service provider.
• It is free of the requirement to also install 'Browser toolbars'.

Kinda makes it easy to help people keep their machines clean now. Admittedly, that last bit requires a small amount of 'learning'. But overall it isn't a difficult concept to grasp.

 

[RangerSVT]

I never installed (see note) such software, right from the outset. I've been running Vista as my primary, everyday working platform since the first day of retail release. It is not only still 'clean' but it has never had a malware intrusion get through the defences of:

• Protected mode IE7
• Windows Defender
• Windows Firewall
• The NAT protection of the ADSL modem/router
• A freeware AV program

.

(Note: I have, from time to time, installed other and supposedly more stringent scanning tools on the machine, to test for the presence of 'intruders' my setup may not have detected. )


It's not a circumstance of my having not visited websites which would infect my machine, either. I have intentionally thrown the machine through every nefarious backwater of the internet I could find. I want to be confident in what I'm saying to people!

To the 'default' defences of the machine have been added a rigid 'principle of use':

Do not agree to the installation of anything as a result of prompts a web page produces unless:

• It is a prompt from a major and reputable software company.
• It is a prompt from a major and reputable service provider.
• It is free of the requirement to also install 'Browser toolbars'.

Kinda makes it easy to help people keep their machines clean now. Admittedly, that last bit requires a small amount of 'learning'. But overall it isn't a difficult concept to grasp.

Can you possibly show me how to configure IE7 into Protect Mode IE7? That would be very helpful, as well as many letting me know what concludes in doing this to IE7? Thanks bro.

 

[devman]

Control Panel > Internet Options > Security Tab > click the internet Zone > set Enable Protected Mode (should be on by default)

 

[heatlesssun]

We're only talking Vista here BTW. IE7 runs in protected mode by default. IE7 should not trust any site by default to not run in protected mode: You should see "Protected Mode: On" in the status bar at the bottom right.

This is a good read: http://www.microsoft.com/windows/products/windowsvista/features/details/ie7protectedmode.mspx

 

[Catweazle]

Did you really need to reproduce the entire post just to ask that question?


'Protected mode' in IE7, under Windows Vista, is there by default. All you need do is leave UAC enabled, rather than disabling the (UAC) feature in accordance with the poor advice parrotted out all over the place.

Rwead about what 'protected mode' does here and, in much more detail, here.

 

[zacdl]

I never installed (see note) such software, right from the outset. I've been running Vista as my primary, everyday working platform since the first day of retail release.

I used to run AdAware SE until Vista. By the time Vista came out, not only had AdAware dropped down in quality- Vista really makes it harder for things to screw up your system anyways. I, for one, have found Windows Defender enough.
NOD32 is the only other thing I run....
Just personally- I haven't ever considered SpyBot decent anyways (AdAware SE was ALWAYS picking up stuff that it didn't).

That said- I have installed it on my Vista machine and it comes up with nothing.

• Protected mode IE7
• Windows Defender
• Windows Firewall
• The NAT protection of the ADSL modem/router
• A freeware AV program

That is all I use as well.
100% honestly I'd recommend AVG to anyone, although NOD32 seems to be my favorite right now... It is just very light on resources (So is AVG- but NOD32 is almost invisible). It also picks up on spyware, which is another plus.

Also, FWIW... Each time I tried jumping on the "Firefox" bandwagon I got burnt. Either it crashed, had rendering issues (I don't care WHAT you say- IE is MUCH easier to code for), dropped over dead, or collected more crap than IE ever did.
The Protected Mode + Vista UAC only sweetens the deal

Can you possibly show me how to configure IE7 into Protect Mode IE7?

As said- it is by default. Here is where you can tell though:

 

[Catweazle]

Just personally- I haven't ever considered SpyBot decent anyways (AdAware SE was ALWAYS picking up stuff that it didn't).

That right there is what I'd consider an inadequate approach to 'Safe browsing' when using Internet Explorer under Windows XP. No single 'spyware detection' application provides adequate protection for the system, because different applications use different methods of detection. Some detect intrusions which the others can't, and vice-versa. Some such tools scan for the types of changes made by different known types of exploit/intrusion. Others scan for the presence of instances from lists of known specific exploits/intrusions.

It is always preferable, when using that platform, to use two or more such tools, each of which use differing scanning principles.

 

[zacdl]

No single 'spyware detection' application provides adequate protection for the system, because different applications use different methods of detection.

Hmmm... how on earth do you think I came up with those results in the first place?
It sure wasn't from using a single tool.

 

[Ranma_Sao]

That right there is what I'd consider an inadequate approach to 'Safe browsing' when using Internet Explorer under Windows XP. No single 'spyware detection' application provides adequate protection for the system, because different applications use different methods of detection. Some detect intrusions which the others can't, and vice-versa. Some such tools scan for the types of changes made by different known types of exploit/intrusion. Others scan for the presence of instances from lists of known specific exploits/intrusions.

It is always preferable, when using that platform, to use two or more such tools, each of which use differing scanning principles.

That used to be gospel, and as they say the world is changing. As more Anti-Spyware applications use Real Time Protection, having multiple Real Time Protection monitoring software can increase problems...

I would be real careful in mixing and matching multiple protection software if they have Real Time Protection.

This posting is provided "AS IS" with no warranties, and confers no rights.

 

[Catweazle]

Sorta goes without saying, I'd have thought, that you wouldn't have two products both operating 'real time protection' concurrently. The additional app(s) provide an added safety net by way of full system scans.

 

[Monkey God]

I found UAC far too annoying and turned it off.
I use FF to browse, but no other virus/firewall/blah blah software. So far no issues. I dont use Outlook for email.

If a person is reasonably careful, the most likely vector of attack is something you download and run anyways.

 

[Finn]

I have used XP for years and I've never had any problems with viruses or malware.