Analysis of the Windows Vista Security Model

Short Description
Windows Vista introduces a security feature, User Account. Protection (UAP), which is also … Windows Vista. This is not meant to imply that there are no …

Website: www.symantec.com | Filesize: 251kb

Content
SYMANTEC ADVANCED THREAT RESEARCH
1
Analysis of the Windows Vista Security Model
Matthew Conover, Principal Security Researcher, Symantec Corporation
Abstract-This paper provides an in-depth technical assessment of the security improvements implemented in Windows Vista, focusing primarily on the areas of User Account Protection and User Interface Privilege Isolation. This paper discusses these features and touches on several of their shortcomings. It then demonstrates how it is possible to combine these attacks to gain full control over the machine from low integrity, low privilege process.
Index Terms-Computer security, Windows Vista, Windows Resource Protection, File Virtualization, Registry Virtualization, Integrity Level, UAP, LUA, UIPI
I. INTRODUCTION indows Vista is a radical departure from prior versions of the Windows operating system. With its introduction, enhancements have been made to virtually all aspects of the Windows security model. These changes should decrease the ease by which the operating system can be compromised.
In this research, Symantec researchers evaluated the security of the Windows Vista February 2006 CTP build. During this research we discovered a number of implementation flaws that continued to allow a full machine compromise to occur. By exploiting these flaws, a low privilege, low integrity level process can bypass User…

Get the file Download here