Top 5 Windows Vista Security Tips

Geek!This is Dragon’s submission for the HP Magic Giveaway. Feel free to leave comments for this article as you see fit – your feedback is certainly welcomed! If you’d like to submit your own how-to, what-is, or top-five list, you can send it to me. Views and opinions of this writer are not necessarily my own:

  1. Check your spyware protection through the Windows Security Center. If you’ve used Windows XP, then you already know about Windows Security Center, the all-in-one monitoring tool that helps you keep track of your firewall, automatic updates, and antivirus software. Windows Security Center for Windows Vista has more security categories. It now warns you if your antispyware software is not up and running like it should be.
  2. Keep Windows Vista up-to-date. Every platform always has things that doesn’t work the way it should, that errors are called bugs, and the only secure way to fix those bugs is keeping your operating system up to date. It is inevitable that additional bugs and security holes will be discovered over time. Once a security exploit has been made public, you can bet that hackers will be all over it. That’s why it’s so important to stay on top of the patch management process. Don’t make the mistake of thinking that just because Windows Vista was designed to be secure that it doesn’t need to be frequently patched.
  3. Use the network profiles. Prior to the release of Windows Vista, Windows treated all network connections equally. In Vista, however, you can use the Network and Sharing Center to designate a network as public, private or a domain network. Networks are designated as domain networks automatically when the machine uses the network to log on to a domain. It is important to select an appropriate network profile because Windows implements various security features based on the type of network you’re connected to. For example, Vista disables the network mapping feature if you are connected to a public network. The Windows Firewall also contains network profile-specific settings.
  4. Use the 64-bit version of Windows Vista. The 64-bit version of Vista is far more secure than the 32-bit version. Why? Because the 64-bit version contains a security feature called “Address Space Layout Randomizer”, which causes a random offset to be applied when system files are loaded. This means that unlike the 32-bit version of Vista, system files are rarely located in the same memory location twice in a row. This randomization foils many of the exploits that are commonly used against Windows XP. Another security feature found only in the 64-bit version is “Data Execution Prevention”. This feature keeps executable code from running in certain areas of the system’s memory. The 32-bit version of Vista includes a less sophisticated version of this feature that is implemented through software, but the 64-bit version enforces Data Execution Prevention at the hardware level.
  5. Use AlertCon or another Gadget related to security on your Sidebar. Do you like to know what the general security posture of the Internet is? Internet Security Systems (ISS) provides an overall “barometer” of Internet-wide security issues. Like the DHS terror alert levels, ISS has a four-level Internet threat level meter called AlertCon that immediately alerts users when there is some type of large-scale worm or virus infestation or other such network-disrupting activity. This gadget displays the current AlertCon status from the ISS web site ( The status will auto-refresh every sixty minutes.My Top Picks for Vista Sidebar Gadgets related to security and helping you to monitor your computer security are: Terror Alert Level, AlertCon, Wireless Network Controller, Memory Meter and Network Activity.

Let me know what do you think about my Top 5 Windows Vista Security Tips. If you disagree with my top five or something is missing in my post, please feel free to express your ideas in the comments below, everybody will appreciate it.

14 thoughts on “Top 5 Windows Vista Security Tips”

  1. You know this really does come in handy, i just bought a laptop, and i had no choice but to get vista (blah) but you know, oh well. Thanks alot for all this!

  2. I like your tips, but the 64 bit tip is hard for us who already have the 32bit version of Vista, only because it doesn’t allow you to upgrade to it. You have to do a complete wipe, which is crazy in my opinion. I appreciate your tips overall!

  3. Upgrading from a 32 bit version of windows to a 64 bit is equally impossible as to the thought of upgrading from a 32 bit version of a linux distro or if it existed, OSX to a 64 bit version.

    The underlying technology is simply not compatable from one to the other.

    I hope that clears up your missconseption Lamarr ;)

  4. If tip #4 is accurate, i would need to find myself a copy of Vista 64bit. Never knew such thing as “Address Space Layout Randomizer” would be on it to improve system performance.

    Thanks for the tip.

  5. Dragon seems to know quite a bit about VISTA security.I admire him,for generously sharing his knowledge.His tips are very helpful,to me,even though I don’t have a 64 bit version of VISTA.

  6. Keeping it running sufficiently.
    When I first got my computer I didn’t realize how important having antispyware was to keeping it running sufficiently. However, it didn’t take very long for it to become perfectly clear. If you don’t have a good scan you will have many problems that could be avoided so easily. Search-and-destroy Antispyware is a great option when it comes to scanning for bugs that will help you keep your computer running at its peak efficiency. The antispyware solution from Search-and-destroy which you will find at Search-and-destroy will help give your PC the protection it needs to keep it in good working condition.

  7. As a very lay operator using a dell Dimension E520 PC, although I have MacAfee protection and Windows Defender installed ,I wonder IF (unless it`s automatically built in!) a simple automatic time out system exists for cable contract users ! ie switching out the cable MODEM ,say after 10 mins of “IDLE TIME”. This may be inconvenient for obviously professional users, but a varaiable time system that one could set-up and install one`s self would be great! OR am I being abit ignorant of the whole darn maze of internet/email engineering? Chers, from Adrian Ball, ENFIELD UK.

  8. I know this is an older article, but since it pops up it might be worth the time to correct some factual errors.

    For Example #4, yes it is more secure and generally faster to run the 64bit version of Vista or Windows7; however, ASLR and DEP are not ONLY enabled on the 64bit versions.

    DEP has been enabled on WindowsXP since SP2, and is enabled on both 32bit and 64bit versions of Vista and Windows7.

    If your processor doesn’t support DEP, Windows will use a software version of DEP to supplement the feature. So DEP being on has nothing to do with 64bit or 32bit, it has more to do with your processor’s abilities.

    ASLR is also enabled on 32bit versions of Vista and Windows7. Vista 32bit prior to SP1 didn’t have IE7 or a few other applications using ASLR.

    The ASLR in Vista 32bit is a less robust than the ASLR system in Vista 64bit, but this has to do more with the abundance of address space in a 64bit OS more than how the feature itself works.

    The one feature 64bit does ‘force’ on for security reasons is the signing of low level kernel drivers. This means that any driver that runs in a lower ring of the OS MUST be signed and verfied in order to run, and the only way around this is for the user to press F8 during boot and disable the feature each time.

    This ‘feature’ can be annoying if you have really old hardware and your provider never signed their 64bit drivers, but for 99.999% of the people it ensures the stability of the OS and security of lower level drivers to prevent malware from injecting itself at a trusted level.

Leave a Reply

Your email address will not be published. Required fields are marked *