Windows Vista Security: Securing Vista Against Malicious Attacks

This new book written by Roger A. Grimes & Jesper M. Johansson is about Windows Vista Security with focus on stopping malicious attacks.

As written by Roger at InfoWorld:

After two years of researching, demos, real use, and malware testing, our book is out. At 582 pages it still doesn’t cover everything about Windows Vista security, but it comes close. In a crowded book field, it is the only one to cover IIS 7, Windows Live Mail, Windows PE Boot Disks, and all the honesty you’ve come to expect from both authors, warts and all.

Some highlights:
Chapter 1, 42 pages, summarizes all the new Windows Vista security features. It’s the most comprehensive list of its kind.

Chapter 2, on How Malicious Hackers Hack, includes the most critical subset of the infamous, “Where Malware Hides” table. The online version contains over a 181 Windows locations that hackers and malware modify.

Chapter 3, 44 pages, Windows Infrastructure, tells you how Windows really works. Logons, SIDs, Services, svchost, impersonation, delegation, and how it all works together. This chapter should be required reading for all Windows admins, not just the security crew.

Chapter 4, UAC, Jesper tells you what UAC does and doesn’t do, and where the cracks are.

Chapter 5, Jesper goes behind the scenes on ACLs, permissions, and integrity levels. Most admins have never been this deep.

The books seems comprehensive and I am most interested in securing domains and servers through isolation beyond IPSec and Kerberos.

More information of the book here and here.