| Most of this page uses content from Wikipedia. The original article was at Windows Security Center. The page may have contained some inaccurate or outdated information, so please edit it so it contains better information.|
The list of authors can be seen in the page history. As with Malware Wiki, the text of Wikipedia is available under the Creative Common Attribution-ShareAlike 3.0 License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.
The Windows Security Center is a component included with Windows XP (beginning with Service Pack 2) and Windows Vista operating systems that provides users with the ability to view the status of computer security settings and services. Windows Security Center also continually monitors these security settings, and informs the user via a pop-up notification balloon if there is a problem.
The Windows Security Center consists of three major components: A control panel, a Windows Service, and an application programming interface that is provided by Windows Management Instrumentation.
The control panel divides the monitored security settings into categories, the headings of which are displayed with a background color of light blue (green in Vista), yellow, or red. A category with a blue or green background indicates that the settings in the category are "healthy". A yellow background typically indicates that some or all of the settings in that category are not being monitored. A red background indicates that there is a problem that can expose the user's computer to problems.
The current state of these settings is determined by the Windows Service. This service, named "Security Center", is started automatically when the computer starts, and takes responsibility for continually monitoring the system for changes, and also informs the user via a pop-up notification balloon if there is a problem. The settings are made available to the system through a Windows Management Instrumentation provider.
The primary interface which third-party anti-virus, anti-malware and firewall software vendors use to register with Windows Security Center is through the WMI provider. In Windows Vista, some Windows API calls were added to let applications retrieve the aggregate health status of Windows Security Center, and to receive notifications when the health status changes. Microsoft has offered suggestions that these new calls could be used by any application that wants to confirm that the system is in a healthy state before engaging in certain actions. An example they give is that a computer game could ensure that a firewall is running before connecting to a multi-player online game.
During a 2003 marketing campaign aimed at raising awareness of security, Microsoft learned from discussions with customers that there was confusion as to whether users were taking appropriate steps to protect their systems, or if the steps they were taking were effective. From this research, Microsoft made the decision to include a prominent and visible control panel with Windows XP Service Pack 2 that would provide a consolidated view of the most important security features. Service Pack 2 was released in August 2004; this initial version provides monitoring of Windows Update, Windows Firewall, and the availability of an anti-virus software package. Third-party providers of firewall and anti-virus software packages were encouraged to make use of the Windows Security Center application programming interface to ensure that their software would be recognised.
Windows Vista adds anti-malware software detection, monitoring of User Account Control, and monitoring of several Internet Explorer security settings. Windows Defender, Microsoft's anti-malware product, is included with Windows Vista by default, which Windows Security Center will monitor; a third-party anti-malware product can replace this. Another feature of the Windows Vista version is that it includes the ability to display logos of third-party products that have been registered with the Security Center.
Unlike Windows XP, in the beta versions of Windows Vista the Windows Security Center could not be disabled or overridden. Security software maker Symantec spoke out against this, noting that it would cause a great deal of consumer confusion because any security problems would be reported by both Windows Security Center and Symantec's tools at the same time. McAfee, another large security software vendor, lodged similar complaints, and in the end Microsoft allowed Windows Security Center to be disabled in the release version of Vista.
In Windows 7 the Windows Security Center has been renamed the Windows Action Center (Windows Solution Center and Windows Health Center in earlier builds) which encompass both Security and Maintenance of the computer.
Criticism and controversy
The initial release of Windows Security Center in 2004, while being promoted by Microsoft as an important step forward for the visibility of security in Microsoft Windows, was criticized by a number of groups of people for various reasons. PC Magazine ran a series of articles in their Security Watch newsletter titled "Windows XP SP2 Security Center Spoofing Threat" which outlined a design vulnerability which could "potentially allow attackers to spoof the state of security on a user's system while accessing data, infecting the system, or turning the PC into a zombie for spam or other purposes." While the problem was made out to be trivially easy to exploit, as of 2006 there have been no notable exploits that take advantage of Windows Security Center.