用户帐号保护 UAP 以前称为LUA - Least-privileged User Account WC 1262:Windows Vista 安全特性深入分 析-用户帐号保护 (UAP/LUA)
UAP兼容性 应用程序和系统管理 具可在Windows Vista的Beta版本上测试 Visual Studio 具:App. Verifier
防止Phishing攻击 保护URL显示 Phishing网页过滤器( Filter )
Windows XP User Admin System Services Kernel 1. Few layers 2. Mostly privileged 3. Limited guards between layers
Windows Vista Service Hardening User Account Protection (LUA) Low rights programs LUA User Low Privilege Services Admin 1. Increase # layers System Services Svc 6 Kernel Service 1 D DD D Service 3 Svc 7 DD D User mode drivers 2 2. Segment services 3. Reduce size of high risk layers