O

M

Mac OS, root account, 63

malware, 96, 106

integrity level for, 140

kernel patching to intercept system calls from, 231

and Registry, 132

restricting damage, 110

System integrity level and, 168

manage-bde.wsf, 187, 220-223, 221, 222

mandatory access controls vs. discretionary, 133-139

integrity and, 132-133

overview and terminology, 138-139

mandatory integrity control, 131

low-level, 173

mandatory labels decoding, 146-147

group policy and, 168

and permissions, 169-170

Manifest Tool, 93-95

manifests, 82

adding external, 92-93

for elevated status, 86-97

embedding, 93-95

impact on digital signatures, 95-97

examining, 88-91

in EXE file, 81

external vs. embedded, 93

names for, 88

resource editor for adding, 91-92

and Secure Desktop access, 108

and virtualization, 122, 124

XML format for, 90

master browser, named pipe for connecting, 27

/maxmem switch, in boot.ini, 9

Medium integrity level, 140, 141

and process deletion of high integrity object, 161

memory

restricting amount, 15

and warm boot, 219

message box, Event Viewer setup to display, 42

Microsoft

challenge-response mechanisms, 28

Knowledge Base, on recovery from missing or damaged kernel, 230

tech support, 18

"Vista Services" white paper, 255

web site, 94

Microsoft Desktop Engine (MSDE), 27

Microsoft TPM driver, 186

MMC snap-in, need for elevation, 86

"Modify an object label Properties" privilege, 147-148

motherboard, TPM on, 187

mouse pointer, malware manipulation, 106-107

ms-FVE-RecoveryInformation object, 217

ms-TPM-OwnerInformation object, 217

MSDE (Microsoft Desktop Engine), 27

mt.exe, 93-95