Windows Vista Security. Securing Vista Against Malicious Attacks

Analyze and understand your organization's risk management philosophy, or, if you are doing this for your own use, your own risk management philosophy.

Develop an e-mail policy that is consistent with the risks you are willing to accept.

Ensure that your anti-malware tools can handle e-mail messages and attachments.

Keep your e-mail clients patched.

Enable an allow-by-exception file attachment policy, if possible, or if not, block high-risk potentially malicious file attachments.

Convert all incoming e-mail to plain-text.

Disable all non-plain-text e-mail content.

Disable default picture downloading in e-mail.

Enable secure password authentication methods.

Disable unauthorized, unmanaged e-mail clients.

Enable antivirus software.

Enable anti-phishing features and/or software.

Enable anti-spam features and/or software.

Ensure e-mail client opens potentially malicious content in the Internet Explorer Restricted sites zone.

If using Windows Mail, download and install Windows Live Mail to get the increased functionality and security features.