Windows Vista Security Center: User-Focused Improvements

I’m Chas Jeffries, and I’m the lead program manager for Windows Security Center (WSC) for Windows Vista. As I write this, we are working hard to prepare for the RTM release of Windows Vista. The past year has been an exciting one for the WSC team. We have been working with customers and ISVs to significantly improve the WSC experience in Windows Vista for users. The result is a more open and capable Security Center than what we shipped in Windows XP SP2. In Windows Vista, we remain quiet.

At the top of the list of the improvements that we are most excited about is the inclusion of direct remediation in WSC for ISV solutions. This improvement was based, in part, on direct feedback from the ISV community. In Windows XP SP2, if you were running an antivirus program and that program was turned off or its virus signatures were out-of-date, WSC would alert you to the problem and offer recommendations as to how to fix it. The trouble was that it was up to the user to figure out how to fix the problem, which usually meant figuring out which application to run to fix the issue.

New in Windows Vista, participating ISVs can provide links from WSC to the programs that will correct these problems. Specifically, should an issue arise in Windows Vista with any of your third-party security software, including third-party firewall, antivirus, and antispyware software, WSC will alert you that there is a problem and will provide a button that will link you to the third-party-provided solution that will allow you to easily fix the problem using the third-party's own software. This means that if you are using an ISV solution that integrates with WSC, you’ll be able to fix that solution directly. If you decide that the installed solution is not the one for you, Security Center still maintains the same experience from Windows XP SP2, allowing the user to get another solution from a list of compatible solutions on the Microsoft Web site.

To illustrate this experience, take a look at the following screenshot, which shows the Trend Micro PC-cillin experience on Windows Vista RC1 when the Trend Micro PC-cillin antivirus software is out-of-date.

Notice that in the screenshot WSC provides a button to “Update now” for virus protection. Clicking this button will prompt the user to update his or her antivirus signatures for the Trend Micro PC-cillin solution, as shown in the next screen. As a side note, notice that your third-party software now is able to have its icon displayed, allowing you to easily recognize its presence in Security Center.

Clicking the command link “Yes, I trust this program and am ready to run it” will launch the Trend Micro PC-cillin software to fix the problem, as shown in the next screen.

After the Trend Micro PC-cillin software has successfully updated the antivirus signatures, Security Center will report that Trend Micro PC-cillin Internet Security – Virus Protection is up-to-date, as shown in the next screen.

In order for this feature to truly improve the user experience around maintaining a secure computing environment, we are encouraging ISVs to provide links to software that will fix the specific problem. We are working closely with the ISVs to ensure that they have the guidance as to how to integrate with WSC for Windows Vista.

One area where we received significant customer feedback was in the area of alerting and the red shield icon in the system tray. While we truly believe that disabling WSC alerts creates risk for the user, we understand that there are certain instances where this is necessary. So in light of that understanding, we have enhanced the functionality for the feature “Change the way Security Center alerts me.” We have added new options for changing the way Security Center alerts you when there is a problem with your computer, as shown in the following screenshot.

New in Windows Vista, you have the option to choose between having Security Center alert you when there’s a problem, not alert you (but display the red shield icon), or not alert you and not show the shield icon in the system tray. In addition, it is now possible to right-click the shield icon when it’s displayed in the system tray and dismiss it, as shown in the next screenshot.

As part of our Windows Vista Beta 2 effort, we conducted a usability study on Windows Security Center. One piece of feedback was on the new feature that alerts the user when there’s an issue with Internet Security Settings, which you can see in the next screenshot.

Should your computer’s Internet security settings be put in an insecure state, Security Center will now alert you to the problem and allow you to fix the situation directly. The way this feature was originally implemented, it only provided a single option to the user, which was to return Internet security settings to their recommended settings. Some users told us that they wanted to actually see what settings were responsible for Security Center alerting them. Based on this feedback, we enhanced the feature so users can now choose to restore the Internet security settings to their recommended settings or they can inspect the settings, as shown in the next screenshot.

If the user chooses to inspect the settings by selecting “I want to restore my Internet security settings myself,” Security Center opens the Internet Security Settings dialog box, where the user can easily identify the problematic settings, as shown in the next screenshot.

We are excited about the new functionality in Security Center for Windows Vista and believe that these features will allow the greatest choice, flexibility, and freedom for Windows users with regards to keeping their computers safe.

-- Chas Jeffries