Service Hardening
After the Blaster worm, Microsoft threat-modeled the default Windows services to understand and minimize their security exposure. This effort involved changing default permissions and privileges and led to the creation of many new service protective measures. Consequently, services running in Windows Vista and later have many security improvements over previous Windows client versions, including:
Each service has a least-privilege security model.
Services were factored so that more services run in the Local Service or Network Service log-on context.
Each service is given a security identifier (SID) to enable per-service access control.
Restricting SIDs are applied to some services.
Services are allowed to be restricted by network ...
Get Windows Server® 2008 Security Resource Kit now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.