Sign in with
Sign up | Sign in

Sophos: Win 7 UAC Ineffective Against Malware

By - Source: Tom's Hardware US | B 37 comments

A Sophos test showed that Windows 7 users stiil need additional anti-virus software.

Yesterday Chester Wisniewski of Sophos said that, despite Microsoft's claims that Windows 7 is more secure than its predecessors, the new operating system disappointed in recent tests just like earlier versions. Wisniewski and the security firm claim that the User Account Control feature in Windows 7--when set at the default configuration--failed to catch eight out of ten pieces of malware.

But even though Windows 7 is more secure than Vista and XP, consumers will still need to install anti-virus software to catch all the nasties according to Wisniewski. "Windows 7 users need not feel left out," he said. "They can still participate in the ZBot botnet with a side of fake anti-virus. Windows 7 is no cure for the virus blues, so be sure to bring your protection when you boot up."

eWeek contacted Microsoft about the Sophos test. As normal, the company avoided the question in its typical pseudo-government-type-fashion and highlighted other features of Windows 7 that offer improved security. "Windows 7 retains all of the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released," a Microsoft spokesperson said.

Wisniewski's reports that the test did not include additional, installed anti-virus software. Instead, the company tested Windows 7 with UAC on and UAC off. Two malware samples used in the test would not run in Widows 7: Troi/Bredo-M sn Troi/Banker-EUT. Out of the remaining eight, one malware sample provided a prompt.

As we all say, the best defense against maleware starts at the person sitting behind the keyboard.

Display 37 Comments.
This thread is closed for comments
Top Comments
  • 23 Hide
    cyprod , November 5, 2009 7:05 PM
    Wow, imagine that. A guy who works for an AV company says Windows 7 needs AV software.
    Not going to argue the correctness of the statement, but just saying...
  • 10 Hide
    Scotteq , November 5, 2009 7:18 PM
    Hmmm.. I wasn't aware that User Access Control was being touted as a replacement for Anti-Virus. Let me check on that...



    Nope - UAC has not been advertised as a replacement for proper AV protection. Next non-story, please.
Other Comments
  • 6 Hide
    anamaniac , November 5, 2009 6:52 PM
    "As we all say, the best defense against maleware starts at the person sitting behind the keyboard."

    First off, thank you.
    Second off, how hard is it to use a spell checker?

    Running no AV and going just fine myself. For 11 months now.
    My bros comp is running the Microsoft AV. Be nice if Win7 actually came with their OneCare (or whatever it's called).
  • 23 Hide
    cyprod , November 5, 2009 7:05 PM
    Wow, imagine that. A guy who works for an AV company says Windows 7 needs AV software.
    Not going to argue the correctness of the statement, but just saying...
  • 0 Hide
    zelannii , November 5, 2009 7:15 PM
    File under "Duh".

    We all know Windows has a farly useless security model on its own, with so many holes to fill the only fix is to rewrite it from scratch and give up on backward compatabiltiy.

    Also as others have pointed out, considder the source! Just the same as Symantec and Trend slammed microsoft's free AV as being weak (even though it stopped more of the top 100 ITW viruses than their own product).
  • 2 Hide
    Camikazi , November 5, 2009 7:17 PM
    anamaniac"As we all say, the best defense against maleware starts at the person sitting behind the keyboard."First off, thank you.Second off, how hard is it to use a spell checker?Running no AV and going just fine myself. For 11 months now.My bros comp is running the Microsoft AV. Be nice if Win7 actually came with their OneCare (or whatever it's called).

    You know if MS were to add OneCare of Security Essentials to default install they would get sued just like they did for bundling IE.
  • 10 Hide
    Scotteq , November 5, 2009 7:18 PM
    Hmmm.. I wasn't aware that User Access Control was being touted as a replacement for Anti-Virus. Let me check on that...



    Nope - UAC has not been advertised as a replacement for proper AV protection. Next non-story, please.
  • 6 Hide
    hellwig , November 5, 2009 7:31 PM
    Windows 7 needs AntiVirus? No way, the latest OS is 100% secure and can never get a virus, so no AntiVirus needed!

    Oh wait! That's Apple's stance on OSX, not Microsoft's. My bad.

    I'm pretty sure Microsoft acknowledges the need for Antivirus. Hell, when I installed the Win7 RC, it directed me to a website that offered various 3rd-party antivirus packages. And if I'm not mistaken, Microsoft has started releasing its own AV software too, right?

    I mean, who ever said Windows doesn't need AntiVirus? Only someone who never connects their computer to any kind of network and never plugs in a flash drive or other portable storage into their machine.
  • 2 Hide
    audioee , November 5, 2009 7:44 PM
    Remember, most problems with computers happen between the chair and the keyboard.

    A computer is only as smart as the person using it.
  • 0 Hide
    htoonthura , November 5, 2009 7:45 PM
    well... i see pc with sophos infected so many times. so stop bashing windows.
  • 2 Hide
    doomtomb , November 5, 2009 7:55 PM
    Quote:
    A Sophos test showed that Windows 7 users stiil need additional anti-virus software.

    Kevin Parrish, it's called spell check. When you publish an article on a popular tech news website, maybe you should think about using it.
  • 0 Hide
    Honis , November 5, 2009 8:01 PM
    Why is a partisan "study" getting news time?

    Go run http://www.tomshardware.com/news/Zach-Gage-Lose-Lose-Mac-Game,9005.html a few times and you will see the same methods used to start and install these "test" virus' work on every machine.
  • 0 Hide
    dabell , November 5, 2009 8:02 PM
    The User Account Control has multiple levels to choose from. When on, what level of security was on when they did their tests? Low, Medium, or High?
  • 0 Hide
    hypocrisyforever , November 5, 2009 8:04 PM
    I've never, ever used anti-virus on any of my computers. I've never really had a problem. I've fixed a bunch of friends comps, and the fams comps from viruses. I personally feel like antivirus software is for someone who doesn't "understand" the computer and internet. Like, so, SO simple to avoid virus/trojans. If your 2 hour movie iso is 7k instead of a gig, do you think there is something weird?....lol, nah, but in all realness why bog your comp down with anti-virus software if you can substitute common sense.
  • 1 Hide
    djackson_dba , November 5, 2009 8:06 PM
    I have experience with Sophos... they have no room to talk smack about anyone.
  • -1 Hide
    itadakimasu , November 5, 2009 8:23 PM
    um...

    I'm not sure I understand. I wasn't aware that UAC did anything to "block" malware or detect it... UAC was probably the main annoyance of windows vista, especially since regular users had no idea how to turn it off, or in windows 7's case down lower.

    I turn mine off, because it's rather annoying. I keep my risk of infection down by not visiting stupid, fake, and otherwise shady websites. Also by not using stupid programs like limewire, if people still use it. and best of all, I run updated AV to actively protect my system.
  • 0 Hide
    ravewulf , November 5, 2009 8:33 PM
    Quote:
    As we all say, the best defense against maleware starts at the person sitting behind the keyboard.

    Exactly! Doesn't matter if the OS (or AV software) is the most secure in the world if the person at the computer is a moron when it comes to avoiding malware in the first place.
  • -4 Hide
    bdcrlsn , November 5, 2009 9:18 PM
    Considering most people turn off UAC, then, yeah, I'd call that ineffective.
  • 0 Hide
    matt87_50 , November 5, 2009 9:40 PM
    God, its designed to be customizable. and its designed to be customizable by scripts so it can be easily customized.

    so you can have less virus prone, or more customizable, Pick One.
  • 1 Hide
    alextheblue , November 5, 2009 9:41 PM
    KP As normal, the company avoided the question in its typical pseudo-government-type-fashion
    That kind of remark is precisely what I've come to expect from you. Apple is even worse about responding to that sort of thing, but I don't see that same sort of sideways remark coming from you about them. Their RDF must be too strong...

    Microsoft just can't win. People pissed and moaned about UAC in Vista, and a lot of people just disabled it, or their "genius computer whiz friend" did for them. So for Win7 they made UAC control more fine-grained, and set it at a more moderate (less annoying) setting by default. Now they catch flak for that too. Windows urges you to install antivirus software. What else can they do? If they preinstall antivirus software, I'm sure the EU will jump all over them again.
  • 2 Hide
    zerapio , November 5, 2009 9:45 PM
    Quote:
    As we all say, the best defense against maleware starts at the person sitting behind the keyboard

    Uhmm, go feminism?

    Back on topic, I've managed to go +7 years without AV by being careful, using FF, patching often and running free scans. Why change if it's not broken?
Display more comments