Oh the irony. Windows Vista Service Pack 1 is, quite rightly, being pushed hard on the merits of the numerous security improvements over the original release. However, despite the fact that Vista SP1 will not be made available to end users until March, because it has just been released to manufacturing I guess it should come as no surprise that it has also already hit the pirate download sites. Indeed, BitTorrent tracker sites report hundreds of seeders and hundreds more lechers within 24 hours of that RTM release. It would appear that what is circulating here, as a 2.9GB file, is a full Vista install with SP1 included. So at least honest users who wait for the SP1 upgrade pack will not have to jump through the same install hoops as the pirates who will see all the data on their primary hard drive erased.

But what of those security improvements, will they be worth waiting for? You betcha. Vista SP1 brings the ability, at last, for security software vendors to interact in a more purposeful and secure way with the Windows Security Centre for a start. BitLocker drive encryption is beefed up with additional multifactor authentication combining a Trusted Platform Module (TPM) key with a pin-protected startup key stored on a USB device. Talking of TPM, a redesigned random number generator strengthens the cryptography platform using AES based pseudo-generation from NIST special publication 800-90. Remote Desktop Protocol files can be signed to improve security, and third-party security applications will be able to work with kernel patch protection on Vista x64 courtesy of new APIs.

About the Author

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.