|06 Nov 2009||#1|
| || |
Windows 7 Vulnerability Claims
Now that Windows 7 is available, a recent blog by Chester Wisnieski (who works at security vendor Sophos), entitled Windows 7 vulnerable to 8 out of 10 viruses, which has stirred some interest.
Here's a quick summary for those who missed Chester's blog. During a test SophosLabs conducted, they subjected Windows 7 to "10 unique [malware] samples that arrived in the SophosLabs feed." They utilized a clean install of Windows 7, using default settings (including the UAC defaults), but did not install any anti-virus software. The end result was 8 of the 10 malware samples successfully ran and the blog proclaims that "Windows 7 disappointed just like earlier versions of Windows." Chester's final conclusion? "You still need to run anti-virus on Windows 7." Well, we agree: users of any computer, on any platform, should run anti-virus software, including those running Windows 7.
Clearly, the findings of this unofficial test are by no means conclusive, and several members of the press have picked apart the findings, so I don't need to do that. I'm a firm believer that if you run unknown code on your machine, bad things can happen. This test shows just that; however, most people don't knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well.
Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result, Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released.
Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user's PCs in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe - which the SophosLabs methodology totally bypassed in doing their test.
So while I'm not a fan of companies sensationalizing findings about Windows 7 in order to sell more of their own software, I nevertheless agree with them that you still need to run anti-virus software on Windows 7. This is why we've made our Microsoft Security Essentials offering available for free to customers. But it's also equally important to keep all of your software up to date through automatic updates, such as through the Windows Update service. By configuring your computers to download and install updates automatically you will help ensure that you have the highest level of protection against malware and other vulnerabilities.
|My System Specs|
|06 Nov 2009||#2|
| || |
What I find the most humorous is the fact that while testing, they bypassed one of the BUILT-IN features that directly help protect against these things. On top of that, they actually thought they'd be able to run any Windows operating system at all without Anti-Virus protection, go out and purposely try to infect themselves and it wouldn't actually become infected?
Typical day at the Sophos office:
Bob: Hey Jim. I was thinking....maybe today we should turn off ALL security features in Windows. You know, such as UAC, KPP, WSH, ASLR etc. Then, try to infect that machine with spyware, viruses and malware.
Jim: Wow. I think that's a fantastic idea! Then when we're done, we should totally write an article about how unsecure Windows is!
Bob: I love you man.
Jim: I love you too.
|My System Specs|
|07 Nov 2009||#4|
| || |
LOL I agree with you both...anyone who deliberately runs Windows without any protection and goes out purposely to get it infected is an idiot. A bit like sleeping with 100 prostitutes* and not wearing any protection and then complaining you caught an STD...lol!
*no offence intended to any working ladies.
|My System Specs|
|Similar help and support threads for2: Windows 7 Vulnerability Claims|
|Windows claims to not be genuine after two months or so||Windows Updates & Activation|
|Windows installer claims not to be setup.||Software|
|Windows Claims its not genuine when it is||Windows Updates & Activation|
|Windows BitLocker Claims.||Security News|
|Windows BitLocker Claims||News|
|Windows 7 Vulnerability Claims.||Security News|
|What to do when Windows claims your product key is inv.||Installation & Setup|