Slide 1

Slide 2 Crispin Cowan, PhD Senior PM, WinCore Security Microsoft Corporation PC51 Slide 3 Slide 4 Slide 5 Slide 6 Default account type Slide 7 Much more secure, but much less convenient Will get better in future releases, want it to be the default Slide 8 Petit Demo Slide 9 Slide 10 Slide 11 Things an Administrator Can do Slide 12 Things an Administrator Can do Things a standard User can do Things a standard user can do Slide 13 Things an Administrator Can do Things a standard User can do Things a real user Needs to do Slide 14 Things an Administrator Can do Things a standard User can do Things a real user Needs to do These are UAC elevations Slide 15 Things an Administrator Can do Things a standard User can do Things a real user Needs to do These are UAC elevations They allow the user to do privileged operations when needed Slide 16 Things an Administrator Can do Things a standard User can do Things a real user Needs to do These are UAC elevations They allow the user to do privileged operations when needed While highlighting that these are privileged operations that you dont want to happen without your consent Slide 17 Slide 18 Slide 19 Slide 20 Slide 21 Slide 22 Slide 23 Slide 24 Slide 25 Slide 26 Slide 27 Slide 28 Slide 29 Slide 30 Slide 31 Slide 32 Slide 33 Slide 34 Slide 35 Slide 36 Slide 37 Slide 38 Low Privilege Application Low Privilege Application High Privilege COM Object High Privilege COM Object Malware Malware can press buttons on low application, Causing bad things in high COM object Slide 39 Slide 40 Low Privilege Application Low Privilege Application High Privilege COM Object High Privilege COM Object Malware Malware cannot press buttons on high COM GUI, Protected by UIPI High Privilege COM GUI High Privilege COM GUI Slide 41 Slide 42 Slide 43 Slide 44 Slide 45 Slide 46 Slide 47 Slide 48 Slide 49 Slide 50 Slide 51 XKCD 327 Slide 52 Slide 53 Slide 54 Please fill out your evaluation for this session at: This session will be available as a recording at: www.microsoftpdc.com Slide 55 Slide 56 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Slide 57