backtop


Print 45 comment(s) - last by Griswold.. on Sep 22 at 4:59 AM


Windows 7's XP Mode, shown here running Office 2003 (VM) aside Office 2007 (native) is actually a great security asset, crippling many types of malware, and breaking many hacker tools. This is actual an inadvertent benefit, but it is certainly welcome.  (Source: lockergnome)
The new version of Windows is stacking up to be the most secure to date

No computer system is completely secure.  Inherent insecurities exist in even the most secure systems, be it in the form of exploitable features in the operating system code or the big organic “insecurity” sitting in front of the machine, typing on the keyboard.  That said, Windows 7 is shaping up to be much more secure than its predecessors.

You might not hear that widely reported in the press.  Windows 7, like OS X, has been carefully scrutinized whenever a flaw sees the light of day.  Most recently Microsoft caught a flaw in Windows Vista, Windows Server 2008, and the Windows 7 Release Candidate.  The flaw in the Windows' SMB (Server Message Block) 2 had not yet been exploited, but Microsoft warns, "An attacker who successfully exploited this vulnerability could take complete control of an affected system. Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."

A work-around for the flaw has been released, but Microsoft says the flaw is already fixed in the Windows 7 RTM and Windows Server 2008 R2 versions.  It is among the many that Microsoft has caught before it ships Windows 7, thanks to the largest public test of a commercial operating system to date.  This unusual openness has earned the company both praise and scorn, but overall it's indicative of progress when it comes to security.  And some of Microsoft's best security features in Windows 7 are almost unintentional, and haven't been widely publicized.

A new report by PureWire's Paul Royal, published in SC Magazine, a publication geared towards security professionals, indicates that Windows 7 will be the most secure Windows operating system to date.  He concludes that all but the many casual attackers will be frustrated enough to turn to easier routes of attack, such as social engineering schemes.

Windows 7's security is thanks in part to the OS patching routes to inject malicious code into the memory.  In previous Windows OS's, such as Vista, memory protections such as DEP and ASLR offered a degree of safety.  However, there were routes to get around these protections, relatively easily.  With Windows 7 blocking many of these routes and additionally with applications such as IE8, Firefox 3 and their plug-ins (Flash, Acrobat Reader, and QuickTime) at last utilizing these protections, Windows 7 is shaping up to be a very strong fort.

Additionally, Windows 7's XP Mode is likely to cause more headaches for attackers.  XP Mode is implemented using hardware virtualization extensions.  A common hacker tool -- rootkits -- rely on hardware virtualization and a special privilege level called VMX root mode.  With the OS now using hardware virtualization, attempts to gain the privileges necessary to launch the special hardware virtualization support needed by the rootkit tends to crash the OS or provide the user with warnings.  For this reason Blue Pill, one common rootkit, doesn't work well in Windows 7.

Many malware programs will also be crippled by XP-Mode.  This is because in the past Windows security software has used hardware virtualization extensions to detect malware.  It is common practice for malware to be written to not run on machines where hardware-assisted virtualization is detected.  However, as all Windows 7 Professional and Ultimate licenses come with XP Mode, this malware won't run on a large portion of Windows 7 installs.  Modification is possible, but this will be time consuming and frustrating to attackers.

Again, no system is impenetrable, and surely new attacks and tools for cyber criminals will be developed to assault Windows 7.  However, its safe to say that Windows 7 will be the most secure modern Windows OS to date. 

In an effort to capitalize on its newfound vigor and support behind Windows 7, Microsoft has already begun to launch new commercials to that showcase the benefits of the operating system.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Damn it....
By Flunk on 9/14/2009 2:00:56 PM , Rating: 5
I don't understand the comparison. Intel Macs with Core 2 Duo processors were released in late 2006. You're comparing them to older XP systems that could be as old as 8 years.

The vast majority of PCs sold within the last 2 years shipped with Intel VT (or AMD-V which is equivalent) support, netbooks excepted. Of course Apple doesn't compete in that market so any argument involving netbooks is irrelevant to your point.

Leopard doesn't even support PowerPC systems at all. Apple was releasing new PowerPC G5 models as recently as 2005, only 4 years ago. The fact that Windows 7 will even run on these older systems is a testament to their longevity. Trying to put forward the idea that Macs have a longer supported lifetime is completely fallacious.


RE: Damn it....
By stonemetal on 9/14/2009 2:32:41 PM , Rating: 1
quote:
The vast majority of PCs sold within the last 2 years shipped with Intel VT
[citation needed] Not that it really matters any way XP mode isn't available in consumer versions of Windows 7.
quote:
Leopard doesn't even support PowerPC systems at all.
Entirely untrue Leopard(10.5) supports PPC, 10.6 does not.


RE: Damn it....
By Gock on 9/14/2009 5:50:44 PM , Rating: 2
quote:
Not that it really matters any way XP mode isn't available in consumer versions of Windows 7.


Wrong. XP Mode is available in both Windows 7 Professional and Windows 7 Ultimate, both sold in retail stores.

http://www.windows7hacker.com/index.php/2009/08/ho...


RE: Damn it....
By borismkv on 9/14/09, Rating: 0
RE: Damn it....
By King of Heroes on 9/14/2009 10:46:37 PM , Rating: 2
I'm pretty sure Windows 7 Enterprise is the "Business" version.


RE: Damn it....
By sbtech on 9/15/2009 7:17:18 AM , Rating: 2
No, Windows 7 Professional is for business users as well. It follows Vista Business edition.

Also laptops "targeted" for the business "segment" carries Vista Business now. Dell Latitude, Lenovo T or X series, and so on.


RE: Damn it....
By Sulphademus on 9/15/2009 11:49:07 AM , Rating: 2
Enterprise, at least with Vista, split the difference in features between Business and Ultimate. The REAL difference is licensing. Business and Ultimate and Home are generally tied to unique keys. Enterprise is a multiple install with one key kinda deal based on how many licenses you have in your MSFT Enterprise agreement.


RE: Damn it....
By sleepeeg3 on 9/14/09, Rating: 0
RE: Damn it....
By pattycake0147 on 9/15/2009 5:50:14 PM , Rating: 2
The only people that will pay that price premium have too much money, but the professional version is much more palatable. I'll have professional for what it's worth. Smart consumers will get the version that fits their needs. In this case their isn't a one size fits all solution.


RE: Damn it....
By mrteddyears on 9/16/09, Rating: 0
RE: Damn it....
By seamonkey79 on 9/16/09, Rating: 0
RE: Damn it....
By UrbanBard on 9/15/2009 12:10:09 AM , Rating: 2
"Intel Macs with Core 2 Duo processors were released in late 2006...The vast majority of PCs sold within the last 2 years shipped with Intel VT (or AMD-V which is equivalent) support, netbooks excepted."

I don't know what the numbers are. I suspect we'll have to wait for the proof of the pudding; that is, when System Seven is released. The truth will out then. What I had heard was that only the faster grade Core 2 processors had Intel VT hardware, thus the numbers were relatively low. I'm willing to be wrong on this. It's just what I heard.

"Leopard doesn't even support PowerPC systems at all. Apple was releasing new PowerPC G5 models as recently as 2005, only 4 years ago."

I fail to see the relevance of this remark. Once Apple announced its move to Intel in Aug 2005, it was understood that Apple would leave the PowerPC chips behind, sometime.

Five years is the normal cut off for Apple legacy hardware, so four years of warning is a year short. Those G5 PowerPC computers will be running fine for another three to five years. They just don't get any OS upgrades.

Apple is moving on, because x64 code wouldn't run on the PowerPC chip and PowerPC code wouldn't run the G5's any faster.

By optimizing on 64 bit Intel, Apple can take advantage of the increased registers in the Core 2 chips. But, we won't see the full effect of that until most of the apps are in 64 bit code.

An advantage of Apple is that it leaves behind obsolete hardware and software, so you always are leading edge. The disadvantage is that you can be obsoleted quickly. If you want the new you have to let go of the old.

How long is Microsoft going to support Windows XP?

"The fact that Windows 7 will even run on these older systems is a testament to their longevity. "

The question is if System Seven will run well enough to be useful on the old equipment. My understanding that System Seven runs better, but not faster than Vista. And Vista was a dog.

Usually, there is a greater turn over in PC's than Macs. What held things off for the last three years was that Vista was so bad that people kept from buying new computers or they down graded to Windows XP.


RE: Damn it....
By jordanclock on 9/17/2009 2:48:17 PM , Rating: 2
One question... Why do you keep calling it "System Seven?" It's Windows 7. Or just Win7.


RE: Damn it....
By MrPoletski on 9/18/2009 10:43:34 AM , Rating: 2
alliteration is the new stuff of hard-ons when it comes to tech talk, obviously.


"If a man really wants to make a million dollars, the best way would be to start his own religion." -- Scientology founder L. Ron. Hubbard

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki