Introduction:

In today’s world of IT, computer security is a critical issue for all organizations. Increased regulation, such as privacy laws, has heightened the security requirements that organizations must comply with. In addition to software flaws, many security issues are user initiated. The Microsoft® Windows Vista™ operating system includes a variety of new features to increase security.

Security Risks [Introduction]

There are security risks inherent to all computer systems, regardless of the operating system they run. Mitigating those risks starts with understanding them. The following sections describe some of the security risks to computing systems and give a brief overview of how Windows Vista mitigates them.

What Are Security Risks?

To make it easier to plan defenses, security risks can be divided into broad categories. The risks in each category share a set of characteristics that can be analyzed and protected against. Security risk categories include:

• Malware. Malware is software that performs unauthorized operations on your computer. Viruses, Trojans (Trojan horses), and spyware are examples of malware. Malware is often introduced by users installing unauthorized software or visiting malicious Web sites.
• Network risks. Computers are usually connected by a network. Much of the value we gain from computers is based on using network resources like the Internet, database servers, and file servers. However, computer networks also facilitate attacks on computers. Worms replicate themselves over networks, and hackers use networks to try to break into systems.
• Web browser risks. Almost every information worker in an organization uses a Web browser to perform research and access Internet and intranet applications. Some malicious Web sites attempt to modify the configuration of the local computer by exploiting flaws in Web browsers. Other Web sites attempt to impersonate legitimate Web sites such as online banks to steal personal information in an attack known as phishing.
• Data risks. As workers have become more mobile with portable computers, more corporate data is being carried outside the physical walls of the organization. When a portable computer is lost or stolen, it is often easy for unauthorized people to gain access to corporate data stored on the portable computer. In addition, corporate data is often transmitted outside the organization where there is no control over retransmission or use of that data.

How Windows Vista Addresses Security Risks

One of the major focuses in Windows Vista development is increased security. Many of the new features in Windows Vista are specifically designed to make Windows Vista more secure than any previous version of Windows. Windows Vista security features include:
• Hardened services to reduce the risk of a Windows service being used by an attacker.
• User Account Control (UAC) to limit the use of administrative privileges.
• Windows Defender to prevent and remove spyware.
• Windows Firewall enhancements to mitigate network risks.
• Network Access Protection (NAP) to control which workstations are able to access the network.
• Internet Explorer Protected Mode to prevent malicious Web sites from affecting the local computer.
• The Internet Explorer 7 Phishing Filter to reduce the likelihood of a phishing attack succeeding.
• BitLocker Drive Encryption to secure data on portable computer hard drives.
• Rights management to control how data is used, even outside your organization.

What Are the Platform Improvements?

In addition to the new features in Windows Vista that address security risks, there are also some specific platform improvements. The platform improvements change some of the security systems in Windows Vista to make them more effective and easier to use.
The platform improvements in Windows Vista are:
• Flexible authentication. Windows Vista authentication capabilities are more flexible, providing a variety of choices for customized authentication mechanisms, such as fingerprint scanners and smart cards. Deployment and management tools, such as self-service personal identification number (PIN) reset tools, make smart cards easier to manage and deploy. Smart cards can also be used to log on to Windows Vista.
Further, Windows Vista enables authentication using Internet Protocol version 6 (IPv6) or Web services.
• Easier certificate management. Certificate enrollment is easier, and Credential Manager enhancements enable backing up and restoring credentials stored on the local computer. The new Digital Identity Management Service (DIMS) provides certificate and credential roaming within an Active Directory® directory service forest and end-to-end certificate life cycle management scenarios.
• Enhanced auditing. Windows Vista auditing capabilities make it easier to track what users do. Auditing areas now include multiple subcategories, making it much easier to focus on events of interest. Windows Vista integrated audit event forwarding collects and forwards critical audit data to a central location, enabling small networks as well as enterprises to better organize and analyze audit data.

Malware Protection Features [Introduction]

Malware is malicious software that is installed without your explicit consent. Malware includes spyware, viruses, and worms. Malware can steal personal information and cause system performance problems as well as data loss and system failures. Windows Vista implements hardened services, UAC, and Windows Defender to limit the risks posed by malware.

How Is Malware Installed?

Malware is installed without your explicit consent. It needs to either exploit a flaw in the operating system or trick you into installing it. In most cases, viruses and worms exploit flaws to install themselves, but spyware is usually installed by tricking users into installing it.

Buffer Overflows

The most common operating system flaw that is exploited by malware is the buffer overflow. All Windows services and applications are designed to expect certain data during communication. Most of the time, when services and applications receive data, they verify that the amount of data received fits in the space allocated for it. However, if that verification step is accidentally omitted, a buffer overflow can occur. A buffer overflow occurs when a service or application receives more input than it allocated space for and does not handle the additional data correctly, so the excess overwrites adjacent memory. In most cases, a buffer overflow crashes the service or application. Occasionally a buffer overflow allows an attacker to execute arbitrary code on the computer.
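The missing verification step described above, shown as an added example that is not code from the original page or from Windows: a hypothetical length-prefixed request format, a handler that trusts the length field sent by the peer, and the same handler with the bounds check restored. The wire format, the function names and the sample packets are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical wire format for a small request handler (not a real Windows
 * protocol): byte 0 is a length field, followed by that many bytes of name. */
#define NAME_CAP 16   /* room for a 15-byte name plus the terminating NUL */

/* Vulnerable handler: it verifies that the packet really carries `declared`
 * bytes, but never verifies that `declared` fits the local buffer.  Any
 * declared length of 16 or more writes past `name` onto adjacent stack
 * memory: usually a crash, and with a crafted payload the classic route to
 * arbitrary code execution.  Returns the number of name bytes accepted, or
 * -1 if the packet is shorter than its own length field claims. */
int parse_name_vulnerable(const uint8_t *msg, size_t msg_len)
{
    char name[NAME_CAP];
    size_t declared;

    if (msg_len < 1)
        return -1;
    declared = msg[0];                       /* attacker-controlled */
    if (msg_len < 1 + declared)
        return -1;                           /* truncated packet: caught */
    memcpy(name, msg + 1, declared);         /* BUG: declared may exceed NAME_CAP */
    name[declared] = '\0';                   /* BUG: writes name[16] when declared == 16 */
    return (int)strlen(name);
}

/* Hardened handler: the same parser with the missing check.  The declared
 * length is compared against the buffer's capacity before any copy, so the
 * worst an oversized length can do is get the request rejected. */
int parse_name_hardened(const uint8_t *msg, size_t msg_len)
{
    char name[NAME_CAP];
    size_t declared;

    if (msg_len < 1)
        return -1;
    declared = msg[0];
    if (declared > NAME_CAP - 1)             /* the check the vulnerable version omits */
        return -1;
    if (msg_len < 1 + declared)
        return -1;
    memcpy(name, msg + 1, declared);         /* now guaranteed to stay within bounds */
    name[declared] = '\0';
    return (int)strlen(name);
}

/* Builds a constructed sample packet in the hypothetical format: one length
 * byte followed by name_len bytes of 'A'.  Returns the packet size, or 0 if
 * it does not fit in `out`. */
size_t build_packet(uint8_t *out, size_t out_cap, size_t name_len)
{
    if (name_len > 255 || out_cap < 1 + name_len)
        return 0;
    out[0] = (uint8_t)name_len;
    memset(out + 1, 'A', name_len);
    return 1 + name_len;
}
```

A packet declaring 64 name bytes is accepted by the vulnerable handler and rejected by the hardened one; only the latter can be fed oversized input safely, which is why the checks below exercise the vulnerable handler with well-formed packets only.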

Trojans

A Trojan is software that pretends to be for one purpose but performs another. For example, you could run a file management tool that you have downloaded from the Internet, and the file management tool might install spyware. When users are logged on using administrative credentials, they are allowed to install and configure software. Trojans take advantage of this to install malware.

Social Engineering

Even if computer systems are completely secure from a technology perspective, the systems are still vulnerable to user errors and actions. Social engineering is the process of tricking a user into performing a task, such as installing undesirable software or inadvertently providing password information.
Social engineering is used by malware creators when they offer users Internet Explorer toolbars and additional software that adds emoticons to e-mail messages. Many of these appear to be legitimate software but also install spyware. Sometimes software that purports to remove spyware is actually spyware itself.

How Windows Vista Protects Against Malware

Windows Vista protects against malware with three specific enhancements:
• Windows Service Hardening. Windows Service Hardening prevents critical Windows services from performing abnormal activities in the file system, registry, network, or other resources that malware could use to install itself or attack other computers. For example, the remote procedure call (RPC) service can be restricted from replacing system files or modifying the registry.
• User Account Control. User Account Control (UAC) allows users to be productive and change common settings while running as a standard user, without requiring administrative privileges. This prevents users from making potentially dangerous changes to their computers, without limiting their ability to run applications. Users with administrative privileges run as a standard user most of the time and are prompted for permission when administrative privileges are required.
• Windows Defender. Windows Defender is a tool to remove spyware and prevent spyware installation. Even when users are tricked into installing spyware, Windows Defender can still stop installation or remove it afterwards.