anandk
Distinguished Member
ReDirection Of Data to a Virtual Store.
Under a normal/standard User Account, any application that tries to write to a protected system folder like C\Program Files or C\Windows, gets automatically redirected to a Virtual File Store, which is situated within the particular users profile.
In the same fashion, if an application attempts to write to areas/keys of the registry which have System wide ramnifications, like the HKEY_LOCAL_MACHINE hive, it gets re-directed to Virtual Keys within the users section of the registry.
Applications that attempt to read from these protected file & registry locations look first in the virtual stores.
Such an action prevents malicious applications from writing to areas that could bring down the entire system.
Buffer Over-run Protection.
Address Space Layout Randomization (ASLR) is another technology, new in Vista, that defend against the buffer overrun exploits.
Each time you boot Vista, the system code is loaded into different locations of the memory.
This seemingly simple change thwarts a class of well-known attacks in which the exploit code attempts to call a system function from a known location.
Just some little tidbits...
Under a normal/standard User Account, any application that tries to write to a protected system folder like C\Program Files or C\Windows, gets automatically redirected to a Virtual File Store, which is situated within the particular users profile.
In the same fashion, if an application attempts to write to areas/keys of the registry which have System wide ramnifications, like the HKEY_LOCAL_MACHINE hive, it gets re-directed to Virtual Keys within the users section of the registry.
Applications that attempt to read from these protected file & registry locations look first in the virtual stores.
Such an action prevents malicious applications from writing to areas that could bring down the entire system.
Buffer Over-run Protection.
Address Space Layout Randomization (ASLR) is another technology, new in Vista, that defend against the buffer overrun exploits.
Each time you boot Vista, the system code is loaded into different locations of the memory.
This seemingly simple change thwarts a class of well-known attacks in which the exploit code attempts to call a system function from a known location.
Just some little tidbits...
