Sign in with
Sign up | Sign in
Your question

Windows 7 is NOT Less Secure Than Vista

Last response: in Windows 7
Share
a b $ Windows 7
December 14, 2009 4:54:00 AM

What do you think of this article that claims 7 is less secure than its predecessor?
Quote:
According to Genes, Microsoft sacrificed security in order to make the OS more user friendly. Some tough design decisions were made for the development of Windows 7 to make the User Account Control (UAC) more fluid and flexible. As a result the OS has more number of security holes than a Swiss cheese. "I'm not saying Windows 7 is insecure, but out of the box Vista is better," Genes told The Register.

What I don't understand is how improving the interface workflow would make a system less secure. Doesn't the Action Center, a system icon that unobtrusively notifies people of potential security holes, cover everything, at least similar to Vista? /mini-rant

More about : windows secure vista

a b $ Windows 7
December 14, 2009 5:25:20 AM

I agree, it makes no sense to me. The comments were made by the boss of Trend Micro; I find this quite ironic considering I dumped trend in favour of Microsoft Security Essentials... :D 
m
0
l
a b $ Windows 7
December 14, 2009 5:32:33 AM

Well—and this is a common accusation—maybe he was trying to push up business for his products? :p 
m
0
l
Related resources
a b $ Windows 7
December 14, 2009 5:35:13 AM

The second Tuesday of each month MS supplies a long list of OS updates which are essentially security related. Performance related updates are few. I'd would think Windows 7 SP1 will be stacked high with security related patches. Be interesting what performance issues will be addressed with SP1 when it arrives. Of course Windows 7 is more secure out of the box than it's OS predessors. And no security update from that point on would be omitted. Remember Windows XP SP2? That SP2 baby carried in full force the previously missing 'XP Security Center. Man was that thing patched to death over the next seven or eight years. 8) Companies like Symantec, etc. made buku bucks over it.
m
0
l
a b 8 Security
a c 209 $ Windows 7
December 14, 2009 6:11:44 AM

I'm actually a little concerned about UAC. Windows 7, in an effort to reduce the number of UAC prompts, has marked certain Windows components as "trusted" - these components can auto-elevate their privilege level without issuing a UAC prompt. I don't fully understand the underlying mechanisms, but I do know that malware can use this to gain elevated privileges by using such DLLs in an "injection" attack (see: this page)

Microsoft has stated that UAC itself is not a defense against malware. But in the XP days I used to use a nonprivileged account for my regular work, and there was NO way to get elevated privileges without specifically asking to run something as an administrator and entering a password. I'm actually considering turning UAC off altogether in the hopes that this would be equivalent to the separation of security levels that was provided by XP.

I'm not trying to say that as a whole XP is more secure, it's just that the whole concept of auto-elevation of rights is a facility in Vista / Windows 7 that XP didn't have. This concept is a good one for idiots who regularly use administative accounts to do their work, but for security-conscious people with the wisdom to use unprivileged accounts it seems to me like it's providing a new hole for malware.
m
0
l
a b $ Windows 7
December 14, 2009 8:35:13 AM

UAC? How many of you use UAC (User Account Control)? I turn it off and have never had a problem in doing so.


Tasks that trigger a UAC prompt:

Running an Application as an Administrator
Changes to system-wide settings or to files in %SystemRoot% or %ProgramFiles%
Installing and uninstalling applications
Installing device drivers
Installing ActiveX controls
Changing settings for Windows Firewall
Changing UAC settings
Configuring Windows Update
Adding or removing user accounts
Changing a user’s account type
Configuring Parental Controls
Running Task Scheduler
Restoring backed-up system files
Viewing or changing another user’s folders and files
Running Disk Defragmenter

The owner of a PC needs to be reminded they are about to perform these tasks on their machine? Turn off UAC, I did and I have never experienced a single problem in doing so. Thank god for the disable UAC option. The idea of 'trimming' Windows 7 UAC's function to where the utility is not prompting for elevated privelege when running the Disk Defragmenter is a great, uhmmmmmm idea.

m
0
l
December 14, 2009 12:10:29 PM

vistas constant nagging (allow this?) is what made it so secure and annoying at the same time, in an attempt to make it less annoying win 7 doesnt nag, but more things can occur in the background without the users knowledge, thats all, personally i love win7, and since im using x64, its like im invincible, i dont even have an antivirus, and i just go around openig unknown .exes for fun
m
0
l
a b $ Windows 7
December 14, 2009 1:02:53 PM

Different partys pulling in opposite directions:

If you lock it down and force users to run in normal mode, then you have to provide dialogue boxes for any/all actions which may impact on security. As shown by the uncountable number of rants against Vista, the user base HATE this with an undying passion. Despite whatever security concious users/experts may opine. Whether or not it's really is better. Whether or not it is more secure. They HATE it. Why? Because XP defaulted to full privs and so the only place people had to do that was at work (in which case they more tha likely had to call IT to do it for them anyhow). For the better part of a decade, users were allowed to do whatever they wanted on their computers, and almost without question.

Security guys like it. The Users (you know - the one's who actually pay for the product) hate it, and screamed "..it's *MY* computer, that *I* paid for, with *MY* money, and how dare you ba$tardS at MotherF()%*&#()$&ing Micro$$$$oft interfere with *MY* computer, that *I* paid for, with *MY* money..." etc etc etc....


One of these groups has "The Money", and the other one does not.


So....


Microsoft changed UAC so it was less obtrusive. Yes, it's less secure by default, but that's because the USERS demanded it.


Simple as that.
m
0
l
a b 8 Security
a c 209 $ Windows 7
December 14, 2009 4:57:54 PM

badge said:
UAC? ... I turn it off and have never had a problem in doing so.
The problem with turning it off is that it actually does come with some good security advantages, such as registry virtualization. It's kind of a damned if you do / damned if you don't scenario.
m
0
l
a b $ Windows 7
December 14, 2009 5:03:38 PM

I know one person who leaves UAC on.
m
0
l
a b $ Windows 7
December 14, 2009 7:28:47 PM

Two: I leave it on. And (horrors!) it's also activated on my Vista partition, as well.
m
0
l
a b $ Windows 7
December 14, 2009 7:33:53 PM

Doesn't UAC eventually stop popping up so often after being activated for a period of time?
m
0
l
a b 8 Security
a c 209 $ Windows 7
December 15, 2009 4:28:38 PM

> Doesn't UAC eventually stop popping up so often after being activated for a period of time?
Not that I'm aware of...
m
0
l
!