Threats and Vulnerabilities Mitigation

This page provides information for the IT professional about features and technologies that provide layered defenses against malicious software threats and intrusions through a strategy of prevention, isolation, and recovery.

Communication with the Internet

• Using Windows Vista: Controlling Communication with the Internet
  This white paper provides information about the communication that flows between features in Windows Vista and sites on the Internet, and describes steps to take to limit, control, or prevent that communication in an organization with many users.

Internet Explorer Security

• Internet Explorer Dynamic Security Protection
  This overview topic describes all the security improvements in Internet Explorer 7.
• Security Improvements in Internet Explorer for Windows Vista
  This topic describes three security improvements in Internet Explorer 7: Protected Mode, Data Execution Prevention (DEP), and secure HTTP (HTTPS).
• Internet Explorer 7: Help protect against identity theft and more
  This topic describes key features of Internet Explorer 7 you can use to protect your computer and your personal information.
• Implementing and Administering the ActiveX Installer Service
  This prescriptive document shows you how to install and administer the ActiveX Installer Service in Windows Vista. The ActiveX Installer Service enables you to use Group Policy to define approved host URLs that standard users can use to install ActiveX controls.

Microsoft Forefront

Microsoft Forefront is a collection of business security products that helps provide protection for an organization's network infrastructure.

• Microsoft Forefront Product Overview
  This document describes the following products and provides additional resources for each: Microsoft Forefront Client Security, Microsoft Forefront Security for Exchange Server, Microsoft Forefront Security for SharePoint, Microsoft Internet Security and Acceleration Server, and Intelligent Application Gateway 2007.
• Microsoft Forefront Client Security Technical Library
  The technical library provides information for evaluating, installing, deploying, troubleshooting, securing, and operating Forefront Client Security.
• Forefront Security for SharePoint Technical Library
  The technical library provides information for evaluating, installing, deploying, and operating Forefront Security for SharePoint.

Network Access Protection

The Network Access Protection (NAP) platform is a computer health policy enforcement technology that provides system health–validated access to private networks. It provides an integrated way of detecting the health state of a network client that is attempting to connect to or communicate on a network and isolating that network client until the health requirements have been met.

• Introduction to Network Access Protection
  This page provides a download of the NAP introduction document, which describes the components of NAP and explains how NAP works.
• Network Access Protection Architecture
  This page provides a download of the NAP architecture document, which describes NAP platform architecture, NAP client architecture, and NAP server-side architecture, in addition to how NAP works.

Threats and Countermeasures Guide

• Threats and Countermeasures Guide: Security Settings in Windows Server 2003 and Windows Vista
  This guide focuses on the Group Policy settings available in Windows Server 2003 and Windows Vista that can help you address specific computer security risks in an enterprise environment.

User Account Control

User Account Control (UAC) reduces the exposure and attack surface of the operating system by requiring that all users run in standard user mode. This limitation minimizes the ability for users to make changes that could destabilize their computers or inadvertently expose the network to viruses through undetected malicious software that has infected their computer.

• User Account Control Overview
  This article provides an overview of UAC and explains the impact on Run as and standard user.
• Understanding and Configuring User Account Control in Windows Vista
  This technical article explains the history and purpose of UAC and how it works, including the refinement of user modes and the UAC architecture, deploying applications for standard users, configuring UAC settings, UAC services and security considerations, and configuring applications for compatibility with UAC.
• User Account Control Step-by-Step Guide
  This step-by-step guide provides the instructions necessary to use UAC in a test environment.

Windows Defender

Windows Defender is real-time protection software used for the detection and mitigation of spyware and other potentially unwanted software. It helps protect computers running Windows Vista, Windows XP with Service Pack 2 (SP2), or Windows Server 2003 with Service Pack 1 (SP1).

• Windows Defender Technical Overview
  This technical overview provides general information about Windows Defender.
• Windows Defender Events and Errors Troubleshooting
  This provides event and error troubleshooting information with corresponding resolution and verification steps for three managed entities: the Microsoft anti-malware engine, the Windows Defender real-time protection, and the Windows Defender definitions.
• Troubleshooting Windows Defender
  This Knowledge Base article describes resolution steps for common issues when installing and using Windows Defender.
• Description of the Windows Defender Group Policy administrative template settings
  This Knowledge Base article describes how you can use the Windowsdefender.adm Group Policy template file to control the policy settings for Windows Defender.

Windows Firewall with Advanced Security

Beginning with the Windows Vista and Windows Server 2008 operating systems, configuration of both Windows Firewall and Internet Protocol security (IPsec) are combined into a single tool, the Windows Firewall with Advanced Security Microsoft Management Console (MMC) snap-in.

• Windows Firewall with Advanced Security - Content Roadmap
  This content roadmap for IT professionals contains links to getting started content, diagnostic and troubleshooting tools, and an introduction to server and domain isolation.