Critical Infrastructure Security, Network Security, Patch/Configuration Management, Vulnerability Management

Full range of Microsoft Vista fixes coming

Microsoft has released a detailed list of more than 300 hotfixes and security patches included in the upcoming initial service pack (SP1) for its Windows Vista operating system.

According to Microsoft, among the security enhancements in Vista SP1 are upgrades that give security application developers greater access to Vista and enable them to secure use of its remote terminal services.

The full list of SP1 service pack items is posted on Microsoft's website

The SP1 fixes include application programming interfaces (APIs) that will permit third-party security and malicious software-detection applications to work with kernel patch protection on 64-bit versions of Vista. These APIs will help independent software vendors develop software that extends the functionality of the Windows kernel on 64-bit computers without disabling or weakening the protection offered by kernel patch protection, according to Microsoft.

In addition, Windows Vista SP1 gives security software vendors a more secure way to communicate with the Windows Security Center, which provides users with status information about their personal firewall and anti-virus software.

SP1 will improve security of executing RemoteApp programs and desktops by permitting the signing of Remote Desktop Protocol files. RemoteApp programs are accessed remotely through Terminal Services but appear as if they are running on the end user's local PC. This will enhance security when desktop users communicate with servers running Microsoft's Terminal Services.

SP1 also strengthens the cryptography platform with a redesigned random number generator.

The update also enhances BitLocker Drive Encryption, the drive-encryption technology Microsoft introduced with Vista that allows users to automatically encrypt all of their files stored on their system.

This will incorporate an additional multifactor authentication method that combines a key protected by the Trusted Platform Module with a start-up key stored on a USB storage device and a user-generated personal identification number.

Vista SP1 will enable enhancement of the operating system's performance when running on a PC connected to a virtual private network, Microsoft said. There also are updates designed to improve Internet Explorer's streaming video speed and prevent data loss in USB devices connected to Vista PCs.

According to Microsoft, it already has made many of the patches outlined in the SP1 documentation publicly available as individual downloads. Others, however, will be released only with the final version of Vista SP1 early next year.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.