Strengthen Windows Vista Firewall

The Microsoft Windows Firewall was first introduced in Windows XP, but came under some criticism as it was not enabled by default and only blocked incoming connections, so any programs already on your PC that attempted to ‘dial home’ could connect out and do their dirty deeds. Windows XP service pack 2 enabled the firewall by default, but still allowed outgoing connections.

With the advent of Windows Vista, Microsoft took the opportunity to add outgoing connection blocking to the firewall thus making Windows PC’s safe – or so you would think.

The majority of commercially and freely available firewalls work by automatically blocking all outbound connections and then asking for the users permission when a program wants to connect. The firewall will normally remember which programs have been allowed, so over a period of time the firewall builds up a list of those programs and the questions to the user are reduced.

The Microsoft Windows Vista Firewall works in a different manner: It works by allowing all outbound connections, and blocking only those programs on a pre-defined exceptions list which is updated as part of ‘Automatic Updates’. Whilst this is in principle the same idea as the other firewalls it doesn’t account for programs that are unknown to Microsoft and thus are not on their exclusion list, should you be unlucky enough to be exposed to a new threat or variation on an old threat before it becomes widely known then Windows Firewall will allow it access until the exclusion list is updated. Similarly, if someone has specifically targeted you then you may be infected with a program that is totally unique and may never appear on the exclusion list.

There are two possible solutions to this problem

  1. Increase the security of the Windows firewall
  2. Install an alternative firewall


If you are upgrading your P.C. And already have a subscription to a firewall that is Vista compatible then we would suggest you use that instead, however if you don’t mind getting a little ‘down and dirty’ with Windows Vista we will show you how to beef up security on the Windows firewall by making it work in a similar manner to all other firewalls


  1. Click the Windows button and type ”wf.msc” in the search box.
  2. Select the option marked Windows Firewall Properties and set Outbound Connections to block for all three of the PublicPrivate and Domain profiles.
  3. Scroll down the page a little and select Inbound Rules then select the option for New Rule choose the program option and click Next.
  4. Select the option to Browse and select the program you want to allow online. It’s usually sufficient to just click Next through the rest of the screens, but just read through all of the options to be sure.
  5. Repeat the above procedure for all programs that need access and you’re all done.