Difference between revisions of "Windows Vista"

From ForensicsWiki
Jump to: navigation, search
(External Links)
(External Links)
Line 34: Line 34:
 
== External Links ==
 
== External Links ==
 
* [https://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf Windows Vista Network Attack Surface Analysis], James Hoagland, Matt Conover, Tim Newsham, Ollie Whitehouse
 
* [https://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf Windows Vista Network Attack Surface Analysis], James Hoagland, Matt Conover, Tim Newsham, Ollie Whitehouse
 +
* [http://technet.microsoft.com/en-us/magazine/2007.03.vistakernel.aspx Inside the Windows Vista Kernel: Part 2], by [[Mark Russinovich]], March 2007
 
* [http://whereismydata.files.wordpress.com/2009/09/forensic-implications-of-windows-vista.pdf Forensic Implications of Windows Vista], by Barrie Stewart, September 2007
 
* [http://whereismydata.files.wordpress.com/2009/09/forensic-implications-of-windows-vista.pdf Forensic Implications of Windows Vista], by Barrie Stewart, September 2007
  
 
[[Category:Operating systems]]
 
[[Category:Operating systems]]

Revision as of 03:59, 28 June 2014

New Features

File System

The file system used by Windows Vista is primarily NTFS.

In Windows Vista, NTFS no longer tracks the Last Access time of a file by default. This feature can be enabled by setting the NtfsDisableLastAccessUpdate value to '0' in the Registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem

Note that this feature has been around since as early as Windows 2000 [1].

Prefetch

Note that the prefetch hash function is different then that of Windows XP.

The Windows Prefetch File Format was changed to version 23.

Registry

The Windows Registry remains a central component of the Windows Vista operating system.

See Also

External Links