Currently Browsing: Security
I hate antivirus software. It costs money, slows everything down, and prompts you with 1,000 false alarms for every real alarm.
Still, you probably need it. Information Week points us to several vendors who are offering free trials of antivirus software:
PC-cillin from Trend Micro. A beta version of PC-cillin 15.3 can be downloaded for free.
Windows Live OneCare. Free 90-day trial here.
CA, the former Computer Associates. Free CA Anti-Virus Beta For Vista here.
McAfee Total Protection For Small Business. Free beta of what’s billed as an “integrated security software as a service — providing virus, spyware, firewall, and now browser protection, as well as centralized management.”
F-Secure Anti-Virus Beta For Vista. They call their free download the “7.0 Beta”.
So, give them a shot, if you want. I think I’ll pass for now. Antivirus software is only one way to manage the risk of malware. For me, I think the built-in features like UAC and Internet Explorer Protected Mode will do enough. Also, I test any questionable software in virtual machines. If I do get bitten by malware, I’ve got nightly backups, and restores are easy to do in Vista. Basically, I’m betting that running antivirus software would waste more of my time than it would save.
Here’s a fun video showing what can happen to an unprotected computer by visiting a malicious website:
[youtube=http://www.youtube.com/watch?v=eFdm4PxRWd4]
Nasty, right? The user isn’t guilty of anything worse than a typo. What happens if you visit the same page with Windows Vista in a completely default, unpatched state? I recorded this:
Wole Moses has a great overview of Windows Service Hardening (WSH). I’ve written about this a couple of times–basically, it’s a defense-in-depth (think belt-and-suspenders; a second layer of security) that keeps services from doing something really bad even if they get compromised. So, if the Server service doesn’t normally add startup programs, WSH will block it if it ever tries to, because clearly it must be under the influence of an attacker. So, WSH doesn’t prevent a compromise, but it helps reduce the damage done after a compromise.
It might be a good reason to upgrade to Vista, but you don’t really need to know about it. You can’t configure it; it’s already setup for standard Windows services. If you’re a developer, you can use the SC.exe tool to configure WSH, but you’ll probably choose to configure it programmatically as part of service installer.
Windows XP included several security templates (.inf files that represent a computer’s security configuration), but Windows Vista includes none. Want some? Download and install the Windows Vista Security Guide.
The Windows Vista Security Guide includes several templates:
To quickly copy the full path of a file to your clipboard, hold down the Shift key, right click a file, and then click Copy as Path. The full path to the file is placed on your clipboard.
Question:
Hi Tony,
I have been reading you vista clues and I appreciate the help.
Is there a way to run a batch file on vista to set the “Run as administrator†on an exe.
We have a exe that is delivered to our customers monthly. The exe writes files and expects them to be were we installed the product. Of course, with vista this is not true. I can fix this problem but setting the Run as administrator.
The applications are built under XP so I can not set this property before I packages, so what I was thinking was as part of my install/update
Install the exe on vista and then run a batch program to set it as run as administrator. I can not have the customer do this manually.
Do you think this will work? Do you know how to do this?
Any help would be appreciated.
Thank you
Answer:
You can run a command prompt or any application as an administrator by right-clicking it and then clicking Run As Administrator. If you have a batch file that you need to always run as an administrator, follow these steps so it runs with the proper privileges every time: