New items of the SP1 for Windows Vista
Date : April 01, 2008
The first Service Pack (SP1) of Windows Vista appeared in US version on March 18, 2008. It is also available in French version.
This Service Pack fixes first of all, issues related to the operating system itself, in particular issues related to reliability and performance. It also enables to support new devices (hardware) and new standards (encryption algorithms used via IPSec, SSTP, etc...).
Up to now, this SP1 is available at the address below:
http://support.microsoft.com/default.aspx?scid=kb;en-us;936330
Improvements
As for security (apart from the inclusion of all the patches previously released for Windows Vista - see the table below), this SP1 brings the following improvements:
- improvement of development lifecycles to reduce code errors (causes of vulnerabilities)
- support of new API allowing to use the "Kernel Patch
Protection" feature
- improvement of the security during the execution of "RemoteApp" programs,
via RDP file signature
- improvement of the "Data Execution Protection"
settings (this functionnality, available from Windows XP and Windows Server
2003, is a memory protection mechanism
- better control of the data presented to "Windows Security Center" (only authenticated applications can communicate with the WSC)
- use of "Single Sign On" for user authentication of wireless networks
- during a migration from Windows XP to Windows Vista SP1, the "Malicious Software Removal Tool" will be available through "Windows Update"
- improvement of the random number generation
- improvement of the use of Smart Cards (introduction of a new "PIN channel" and biometric authentication)
- improvement of the security of the Teredo interface (Teredo is an address assignment and automatic tunneling technology that provides unicast IPv6 connectivity across the IPv4 Internet)
- improvement of the "BitLocker Drive Encryption" option
- new volumes supported by the "BitLocker" encryption
- improvement of the implementation of the "Online Certificate Status Protocol"
- possibility for an unprivileged user to launch the "CompletePC Backup" application
- better authentication of the RDP (Remote Desktop) client
List of patches
The full list of patches included in the SP1 of Windows Vista is available at the address below : http://go.microsoft.com/fwlink/?LinkId=107922
Cert-IST advisories fixed by the SP1
The table below lists all the Cert-IST advisories fixed by the SP1 of Vista.
|
Cert-IST advisory |
Description (and Microsoft bulletin associated) |
|
Multiple vulnerabilities in Internet Explorer (MS07-016) |
|
|
Multiple GDI vulnerabilities in Microsoft Windows (MS07-017) |
|
|
Multiple "CSRSS" vulnerabilities in Microsoft Windows (MS07-021) |
|
|
Multiple vulnerabilities in Internet Explorer (MS07-027) |
|
|
Vulnerability in Microsoft Windows Vista (MS07-032) |
|
|
Multiple vulnerabilities in Internet Explorer (MS07-033) |
|
|
Multiple vulnerabilities in Outlook Express and Windows Mail (MS07-034) |
|
|
Vulnerability in Microsoft Windows Vista Firewall (MS07-038) |
|
|
Vulnerability in the MSXML service on Microsoft Windows (MS07-042) |
|
|
Multiple vulnerabilities in Internet Explorer (MS07-045) |
|
|
Vulnerabilities in "Windows Media Player" (MS07-047) |
|
|
Vulnerabilities in "gadgets" on Windows Vista (MS07-048) |
|
|
"VML" vulnerability in Microsoft Windows (MS07-050) |
|
|
Vulnerability in Microsoft "Windows Services for UNIX" (MS07-053) |
|
|
NNTP vulnerability in Microsoft Outlook Express and Windows Mail (MS07-056) |
|
|
Multiple vulnerabilities in Internet Explorer (MS07-057) |
|
|
RPC vulnerability in Microsoft Windows (MS07-058) |
|
|
SMBv2 vulnerability on Windows Vista (MS07-063) |
|
|
Vulnerability in DirectX on Microsoft Windows (MS07-064) |
|
|
Vulnerability in the ALPC service on Windows Vista (MS07-066) |
|
|
Vulnerabilities in the "ASF" file handling on Microsoft Windows (MS07-068) |
|
|
Several vulnerabilities in Microsoft Internet Explorer (MS07-069) |
|
|
Vulnerabilities in the Microsoft Windows TCP/IP protocol (MS08-001) |
