The software code that makes up Windows 7 is reliable if it is not modified by non-Microsoft software updates and patched with any necessary updates from Microsoft. Windows 7 guarantees these points with Windows File and Resource Protection and Windows Update respectively.

• Windows File Protection is a technology used in Windows XP to protect operating system files so that they would not be replaced with incompatible versions. A record of each operating system file is kept and, if a protected file is replaced with an unapproved version, Windows File Protection will replace the file with a validated copy of the file from %WinDir%\System32\dllcache or from the Windows installation CD.
• Windows 7 includes an enhanced version of Windows File Protection called Windows Resource Protection. This is used to protect both critical operating system files and registry keys by restricting permissions to these resources. Administrators and the SYSTEM security principals are given only read and execute permissions. The SYSTEM security principal historically represents access levels assigned to the operating system itself.
• With Windows Resource Protection, the protected files can only be modified by the Trusted-Installer service - a special protected operating system service designed to validate any requested changes. Microsoft or a trusted authority must digitally sign any updates that are applied by the TrustedInstaller service. The protected files and registry keys can be moved from their original locations and modified, but the modified versions cannot be put back into their original locations.

Learn more about Windows Resource Protection at:
http://msdn2.microsoft.com/En-US/library/aa372868.aspx.

Activity 12-9