Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Windows Vista availability - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Windows Vista availability
Tonight, Windows Vista will go on sale to consumers. For many Microsoft subscribers (mostly businesses), it has been available since December. If you have any particular security related "gotchas", let us know.

A couple things to consider before jumping into Vista:
  • Make sure your Anti Virus solution works with Vista.
  • Windows Vista's firewall is configured by default to allow all outbound connections. You may want to tighten this down. There are a few specific outbound "allow" rules which you should probably keep enabled (for example for DNS and DHCP). So by default, the outbound firewall comes with "all traffic allowed" + specific "allowed" rules. I know, this sounds reduntant. But the idea is to keep your system working even if you switch the default rule to block outbound traffic.
  • Note that Windows Vista will not prevent users (or administrators) from doing stupid stuff ;-). If ou know how to secure XP or your current Windows version, stick with it for production use until you are familiar with Vista.
As with all major upgrades like this: Test! Test! Test! Don't implement with haste. Ultimately, this will be a forced upgrade as support for XP will be ceased at some point. So look at alternatives (e.g. Vista or another OS) in time. Support for XP will be available for at least 12 more months. See will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANSFIRE 2022


4511 Posts
ISC Handler
Jan 29th 2007

Sign Up for Free or Log In to start participating in the conversation!