Microsoft Vista actually has a greater need for third party security products than previous Windows versions. In reality, Microsoft Vista is poised to see a higher number of vulnerabilities earlier in its life than previous Microsoft products.
“We’re probably going to see a higher initial rate of reported vulnerabilities to us than with previous versions of our products, given the early view researchers have had into Vista,” said Stephen Toulouse, senior product manager with Microsoft’s security technology group.
The user’s ability to override Vista security and run a rogue/untrusted application at an elevated privilege or kernel level poses a significant risk that will remain unmitigated in the Vista 32-bit version.
A secure operating system should be able to contain and mitigate the actions of rogue software. Having a user account control (UAC) that allows you to point the finger of blame at the foolish user is not an acceptable solution to the issue – a better operating system is.
Hacking tools have evolved at a faster rate than most vendor security initiatives. One only has to look at the state of ‘fuzzing’ technology; fuzzing programs provide for an automated replacement for normal input and interfaces for a given protocol or application.
This automated ‘replacement’ input is computer generated, ambiguous and random in nature. By design a fuzzer automatically seeks to cause abnormal behaviour in the protocol or application. The abnormal behaviour is indicative of a software bug and can be further tested to determine if the bug is exploitable.
The use of these automated fuzzing tools by the research community to discover bugs, and then to turn them into exploitable vulnerabilities, has clearly outpaced software developers’ security initiatives. The 32-bit implementations of Microsoft Vista will be the most widely deployed and will lack many of the key security mechanisms found in the 64-bit versions.
Hence, the largest part of the installed base will be the most vulnerable.
Consumers will regard vulnerability in the 32-bit version as a black mark against the Vista product even if the 64-bit version would have been capable of mitigating the threat. Microsoft will not be able to hide behind the capabilities of the 64-bit version when vulnerabilities arise in the 32-bit version.
In order to meet the constraints of operating on Microsoft Vista, many third-party applications will require major software revisions. One only has to look at the lack of security products that are able to work with Microsoft Vista to grasp the enormity of the problem.
Further, in the broader market of business software, because of the fluid and ever-changing requirements of writing software that is fully compatible with Vista, many vendors have not yet made the commitment to support the 64-bit version.
While Microsoft Vista does address to a limited degree spyware and known malware, it does not address the spam problem that Bill Gates in 2004 promised would end in two years, nor does it in any way address today’s fastest growing threat – the data-leakage issue that is fuelling identity theft.
Ultimately, security enhancements in Microsoft Vista may perhaps make it capable of surviving more hits by malicious bullets than it was before, but they by no means make your network bulletproof.
If you intend to run the Vista OS on your corporate desktops, consider that the security enhancements in the OS will drive hackers to further expand their application layer and Web application attacks. Hence, Gateway security at the application layer will be more important than ever in a Microsoft Vista environment.
Also, the difficulty of anti-virus or anti-malware products working with Windows as a third-party security product will necessitate that, in order to protect a Microsoft Vista network, malware be detected on the wire and neutralised before it reaches the Microsoft Vista operating system.
The days of a signature-based anti-virus, IDS and IPS products working at the kernel level of the Windows operating system are simply over.
Weak passwords still plague Windows under Microsoft Vista for the intranet and also for remote users.
Hackers will naturally shift their attacks to the weakest link, which will increase the need for stronger authentication.
Further, the lack of significant improvements in combating insider threats will still need to be addressed by third party solutions. Identity and Access Management (IAM) will be a necessity in addressing the issues of weak passwords for remote and internal users and also provide a necessary additional layer of security for the required segmentation and access control within the intranet.
Despite Gates’ promise in 2004 that, “Spam will be a thing of the past in two years’ time”, it will not go away with Microsoft Vista security improvements.
In fact, social engineering is poised to increase via email and messaging as hackers probe for weak links to overcome any resistance imposed by new security enhancements in other attack vectors.
Hence, anti-spam bolstered with Reputation and Trusted Source capabilities, as found in current generation messaging gateway security offerings, will be a necessity within a Microsoft Vista environment to mitigate the expected increase in the respective threat.
The fastest growing crime in America today is identity theft and it is being fuelled with data leakage. Microsoft Vista in a 64-bit enterprise version offers a new feature called Trusted Platform Module (TPM) that provides for the storage of digital certificates, encryption keys and passwords on the hardware “chip” on the system motherboard.
The use of TPM to store encryption keys off the hard disk allows Vista to provide for the encryption of the entire hard disk including the operating system and boot sector. Whole disk encryption is significantly more secure than traditional file- or folder-level encryption.
A weakness in file and folder level encryption is that the unencrypted portion of the hard drive can often contain clues as to the encryption key used to decrypt the file or folder.
Moving the encryption key to tamper-proof hardware on the motherboard and encrypting the entire hard drive eliminates the ability for a hacker to recover the encryption key from an unencrypted area of the hard drive.
While the use of TPM to encrypt an entire hard disk does a great job of addressing one popular attack vector in the mitigation of data leakage, the issue is that it is only available on the Enterprise version of Vista; hence it is simply not going to be installed on the typical desktop or laptop.
When one considers that 80 percent of the data formerly reserved for the enterprise’s protected servers finds its way to individual computers during the normal course of business, the scope of the issue can be realised.
Further, with respect to data leakage, Vista still does little to address the actions of a wayward insider. Simply put, outside of TPM, Microsoft Vista offers little in terms of risk mitigation to stem the tide in this growing issue.
Microsoft’s Digital Rights Management (DRM) falls short of addressing the issue, as it does not provide the safety net for user error or intentional abuse by a wayward insider in rights assignment.
Paul Henry is vice-president of technology evangelism at Secure Computing, a leading global provider of enterprise gateway security.
Protecting the enterprise in a Vista environment
By Paul Henry on May 10, 2007 1:21PM