might not hear that widely reported in the press. Windows 7,
like OS X, has been carefully scrutinized whenever a flaw sees the
light of day. Most recently Microsoft caught
a flaw in Windows Vista, Windows Server 2008, and the Windows 7
Release Candidate. The flaw in Windows' SMB (Server Message
Block) 2 had not yet been exploited, but Microsoft warns, "An
attacker who successfully exploited this vulnerability could take
complete control of an affected system. Most attempts to exploit this
vulnerability will cause an affected system to stop responding and
A work-around for the flaw has been released,
but Microsoft says the flaw is already fixed in the Windows 7 RTM and
Windows Server 2008 R2 versions. It is among the many that
Microsoft has caught before it ships Windows 7, thanks to the largest
public test of a commercial operating system to date. This
unusual openness has earned the company both praise and scorn, but
overall it's indicative of progress when it comes to security.
And some of Microsoft's best security features in Windows 7 are
almost unintentional, and haven't been widely publicized.
A report by PureWire's Paul Royal, published in SC Magazine,
a publication geared towards security professionals, indicates that
Windows 7 will be the most secure Windows operating system to date.
He concludes that all but the many casual attackers will be
frustrated enough to turn to easier routes of attack, such as social
engineering schemes. Windows 7's security is thanks in part to
the OS closing off routes for injecting malicious code into memory.
In previous Windows OSes, such as Vista, memory protections such as
DEP and ASLR offered a degree of safety. However, there were
relatively easy routes around these protections. With
Windows 7 blocking many of these routes and additionally with
applications such as IE8, Firefox 3 and their plug-ins (Flash,
Acrobat Reader, and QuickTime) at last utilizing these protections,
Windows 7 is shaping up to be a very strong fort.
Windows 7's XP Mode is likely to cause more headaches for attackers.
XP Mode is implemented using hardware virtualization extensions.
A common hacker tool -- rootkits -- relies on hardware virtualization
and a special privilege level called VMX root mode. With the OS
now using hardware virtualization, attempts to gain the privileges
necessary to launch the special hardware virtualization support
needed by the rootkit tend to crash the OS or provide the user with
warnings. For this reason Blue Pill, one common rootkit,
doesn't work well in Windows 7.
Many malware programs will
also be crippled by XP Mode. This is because in the past
Windows security software has used hardware virtualization extensions
to detect malware. It is common practice for malware to be
written to not run on machines where hardware-assisted virtualization
is detected. However, as all Windows 7 Professional and
Ultimate licenses come with XP Mode, this malware won't run on a
large portion of Windows 7 installs. Modification is possible,
but this will be time-consuming and frustrating for attackers.
No system is impenetrable, and surely new attacks and tools for cyber
criminals will be developed to assault Windows 7. However, it's
safe to say that Windows 7 will be the most secure modern Windows OS
In an effort to capitalize on its
newfound vigor and support behind Windows 7, Microsoft has already
begun to launch
new commercials that showcase the benefits of the operating