Updated ACL model in Vista improves on XP and 2003

There are various changes to the ACL model from XP/2003 to Windows Vista. Some are simple changes to defaults, such as who has permission to create and modify files in the root of the boot volume; others are more complex, concerning the implicit permissions granted to the owner of an object and how these can be controlled even further.

Jesper Johansson has written an excellent and detailed TechNet Magazine article about Vista’s new ACL features and how these improve security. Some of this is just “useful to know” and effectively gets on with the job under the hood; other parts are worth understanding in depth in order to leverage the new capabilities.

Owning Vista from the boot

An interesting article and interview about a proof-of-concept ‘bootkit’ which provides a means to run arbitrary code with raised privileges in Vista, despite all the protected mode security and the inability to change the kernel.

Vista Bootkit article on SecurityFocus

Sophos SBE: anti-virus and anti-spam for small businesses

Sophos Small Business Suite – Engineered for small businesses

  • Includes Sophos Anti-Virus Small Business Edition and Sophos Pure Message Small Business Edition
  • Detects and disinfects viruses at every potential access point, ensuring networks are fully protected
  • Blocks up to 98% of spam, keeping inboxes free of unsolicited bulk emails
  • Updates automatically, providing a complete defence against the latest virus and spam threats

Review

This product is squarely aimed at the small business IT administrator who wants a neat, simple solution to address their concerns about viruses, and the issues caused by the ever-increasing volume of spam email.

How Opera’s Desktop Team deal with security vulnerabilities

In an article entitled “Handling Security”, Claudio Santambrogio of the Opera Desktop Team discusses how they handle vulnerability reports, disclosure, patching and upgrades.

Recently, some of our users have asked why we chose to disclose a potential security issue only after the release of Opera 9.10. Let me try to give a short overview on how security issues get reported and disclosed – and not only at Opera, but in most applications: it might help some people to understand how this works.