Looking through the feature set . . . lets see: We've had tagging of applications downloaded from the Internet since like XPSP2 (attachment manager api). We've had the ability to sign applications since like Windows 2000? XPSP2 / Vista have application firewall capability, Vista supports volume encryption. They finally get ASLR - which has been available in Vista since it shipped. SMB packet signing is somehow worth callling out as a security feature of the OS? Must have been running a little short of things to talk about. One interesting thing is 'sandboxing' support . . . but of considerable note is the lack of 'Safari' as one of the applications that is sandboxed?
All in all it looks like good incremental improvements to the competing consumer OS. I welcome the competition. 🙂