Windows Action Center
The Windows Action Center (previously known as Windows Security Center) is a component included with Microsoft's Windows XP (beginning with Service Pack 2), Windows Vista, Windows 7, and Windows 8 operating systems that provides users with the ability to view the status of computer security settings and services. Windows Action Center also continually monitors these security settings, and informs the user via a pop-up notification balloon if there is a problem. It is renamed to Action Center in Windows 7, where it covers maintenance as well as security.
The control panel divides the monitored security settings into categories, the headings of which are displayed with a background color of light blue (green in Vista), yellow, or red. A category with a blue or green background indicates that the settings in the category are "healthy". A yellow background typically indicates that some or all of the settings in that category are not being monitored. A red background indicates that there is a problem that can expose the user's computer to problems.
The current state of these settings is determined by the Windows Service. This service, named "Security Center", is started automatically when the computer starts, and takes responsibility for continually monitoring the system for changes, and also informs the user via a pop-up notification balloon if there is a problem. The settings are made available to the system through a Windows Management Instrumentation provider.
The primary interface which third-party anti-virus, anti-malware and firewall software vendors use to register with Windows Action Center is through the WMI provider. In Windows Vista, some Windows API calls were added to let applications retrieve the aggregate health status of Windows Action Center, and to receive notifications when the health status changes. Microsoft has offered suggestions that these new calls could be used by any application that wants to confirm that the system is in a healthy state before engaging in certain actions. An example they give is that a computer game could ensure that a firewall is running before connecting to a multi-player online game.
Windows XP SP2
Microsoft learned from discussions with customers that there was confusion as to whether users were taking appropriate steps to protect their systems, or if the steps they were taking were effective. From this research, Microsoft made the decision to include a visible control panel with Windows XP Service Pack 2 that would provide a consolidated view of the most important security features. Service Pack 2, released in August 2004, includes the first version of Security Center. This initial version provides monitoring of Windows Update, Windows Firewall, and the availability of an anti-virus software package. Third-party providers of firewall and anti-virus software packages were encouraged to make use of the Windows Action Center application programming interface to ensure that their software would be recognized.
Windows Vista adds anti-malware software detection, monitoring of User Account Control, and monitoring of several Internet Explorer security settings. Windows Defender, Microsoft's anti-malware product, is included with Windows Vista by default, which the Action Center monitors; a third-party anti-malware product can replace it. Another feature of the Windows Vista version is that it includes the ability to display logos of third-party products that have been registered with the Security Center.
Unlike Windows XP, in the beta versions of Windows Vista the Windows Action Center could not be disabled or overridden. Security software maker Symantec spoke out against this, noting that it would cause a great deal of consumer confusion because any security problems would be reported by both Windows Action Center and Symantec's tools at the same time. McAfee, another large security software vendor, lodged similar complaints, and in the end Microsoft allowed Windows Security Center to be disabled in the release version of Vista.
In Windows 7, the Windows Action Center has been renamed the Action Center (Windows Solution Center and Windows Health Center in earlier builds) and encompasses both security and maintenance of the computer. Yellow indicates that there is a message that requires attention. Red indicates that there is an important message for the user to solve.
Action Center has been updated and monitors 10 new items: Microsoft Account, Windows Activation, SmartScreen, Automatic Maintenance, Drive Status, Device Software, Startup Apps, Homegroup, File History, and Storage Spaces.
PC Magazine criticism
On 25 August 2004, PC Magazine published an article in their Security Watch newsletter titled "Windows XP SP2 Security Center Spoofing Threat" which outlined a design vulnerability which could allow malware to manipulate Security Center into displaying a false security status regardless of the true security status. To do so, the malware requires Administrative privileges.
- The service's real name is "wscsvc".
- "Microsoft Windows Security Center: The Voice of Security for Windows Vista". Microsoft. 6 October 2006. Retrieved 16 November 2009.
- Jeremy Reimer (2006-09-27). "Symantec says Vista will "reduce consumer choice"". Ars Technica. Retrieved 2006-10-14.
- Hines, Matt (2006-10-03). "McAfee Chides Microsoft Over Vista Security Policies". eWeek.
- Seltzer, Larry (2006-10-16). "Microsoft Caves on Vista Security". eWeek. Retrieved 2008-08-13.
- Jay Munro (25 August 2004). "Windows XP SP2 Security Center Spoofing Threat". Security Watch. PC Magazine. Retrieved 16 November 2009.
- MSKB 883792: Frequently asked questions about Windows Security Center[dead link]
- MSDN: Windows Security Center API