Windows Security Center

Windows Security Center in Windows Vista.

The Windows Security Center is a component included with Microsoft's Windows XP (beginning with Service Pack 2) and Windows Vista operating systems that provides users with the ability to view the status of computer security settings and services. Windows Security Center also continually monitors these security settings, and informs the user via a pop-up notification balloon if there is a problem.

Contents 1 Overview 2 Version history 2.1 Windows XP Service Pack 2 2.2 Windows Vista 3 Criticism and controversy 4 See also 5 References 6 External links

Overview

The Windows Security Center consists of three major components: A control panel, a Windows Service, and an application programming interface that is provided by Windows Management Instrumentation.

The control panel divides the monitored security settings into categories, the headings of which are displayed with a background color of light blue (green in Vista), yellow, or red. A category with a blue or green background indicates that the settings in the category are "healthy". A yellow background typically indicates that some or all of the settings in that category are not being monitored. A red background indicates that there is a problem that can expose the user's computer to problems.

A notification balloon indicating that there is no firewall protection.

The current state of these settings is determined by the Windows Service. This service, named "Security Center",^[1] is started automatically when the computer starts, and takes responsibility for continually monitoring the system for changes, and also informs the user via a pop-up notification balloon if there is a problem. The settings are made available to the system through a Windows Management Instrumentation provider.

The primary interface which third-party anti-virus, anti-malware and firewall software vendors use to register with Windows Security Center is through the WMI provider. In Windows Vista, some Windows API calls were added to let applications retrieve the aggregate health status of Windows Security Center, and to receive notifications when the health status changes. Microsoft has offered suggestions that these new calls could be used by any application that wants to confirm that the system is in a healthy state before engaging in certain actions. An example they give is that a computer game could ensure that a firewall is running before connecting to a multi-player online game.

Version history

The Windows Security Center in Windows XP Service Pack 2.

Windows XP Service Pack 2

During a 2003 marketing campaign aimed at raising awareness of security, Microsoft learned from discussions with customers that there was confusion as to whether users were taking appropriate steps to protect their systems, or if the steps they were taking were effective.^[2] From this research, Microsoft made the decision to include a prominent and visible control panel with Windows XP Service Pack 2 that would provide a consolidated view of the most important security features. Service Pack 2 was released in August 2004; this initial version provides monitoring of Windows Update, Windows Firewall, and the availability of an anti-virus software package. Third-party providers of firewall and anti-virus software packages were encouraged to make use of the Windows Security Center application programming interface to ensure that their software would be recognised.

Windows Vista

Windows Vista adds anti-malware software detection, monitoring of User Account Control, and monitoring of several Internet Explorer security settings. Windows Defender, Microsoft's anti-malware product, is included with Windows Vista by default, which Windows Security Center will monitor; a third-party anti-malware product can replace this. Another feature of the Windows Vista version is that it includes the ability to display logos of third-party products that have been registered with the Security Center.

Criticism and controversy

The initial release of Windows Security Center in 2004, while being promoted by Microsoft as an important step forward for the visibility of security in Microsoft Windows, was criticised by a number of groups of people for various reasons. PC Magazine ran a series of articles in their Security Watch newsletter titled "Windows XP SP2 Security Center Spoofing Threat" which outlined a design vulnerability which could "potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes."^[3] While the problem was made out to be trivially easy to exploit, as of 2006 there have been no notable exploits that take advantage of Windows Security Center.

In August 2006, computer security software maker Symantec spoke out against Microsoft, stating that the Windows Security Center and other security features in Windows Vista [are] "leveraging a monopolistic position to limit customer choice."^[4] Specific concerns included the concern that, unlike with Windows XP where the installation of Symantec security products could disable Windows Security Center and replace it with a similar tool, the Security Center can only be disabled by user action in Windows Vista. This, claimed Symantec's communication director Chris Paden, would cause a great deal of consumer confusion, as any security problems would be reported by both Windows Security Center and Symantec's tools at the same time.^[5] Another large security software vendor, McAfee, made similar claims, noting that they have requested that Microsoft provide them with ways of incorporating their security software into the core of the operating system, but Microsoft has rejected those requests.