Print 45 comment(s) - last by Griswold.. on Sep 22 at 4:59 AM

Windows 7's XP Mode, shown here running Office 2003 (VM) aside Office 2007 (native) is actually a great security asset, crippling many types of malware, and breaking many hacker tools. This is actual an inadvertent benefit, but it is certainly welcome.  (Source: lockergnome)
The new version of Windows is stacking up to be the most secure to date

No computer system is completely secure.  Inherent insecurities exist in even the most secure systems, be it in the form of exploitable features in the operating system code or the big organic “insecurity” sitting in front of the machine, typing on the keyboard.  That said, Windows 7 is shaping up to be much more secure than its predecessors.

You might not hear that widely reported in the press.  Windows 7, like OS X, has been carefully scrutinized whenever a flaw sees the light of day.  Most recently Microsoft caught a flaw in Windows Vista, Windows Server 2008, and the Windows 7 Release Candidate.  The flaw in the Windows' SMB (Server Message Block) 2 had not yet been exploited, but Microsoft warns, "An attacker who successfully exploited this vulnerability could take complete control of an affected system. Most attempts to exploit this vulnerability will cause an affected system to stop responding and restart."

A work-around for the flaw has been released, but Microsoft says the flaw is already fixed in the Windows 7 RTM and Windows Server 2008 R2 versions.  It is among the many that Microsoft has caught before it ships Windows 7, thanks to the largest public test of a commercial operating system to date.  This unusual openness has earned the company both praise and scorn, but overall it's indicative of progress when it comes to security.  And some of Microsoft's best security features in Windows 7 are almost unintentional, and haven't been widely publicized.

A new report by PureWire's Paul Royal, published in SC Magazine, a publication geared towards security professionals, indicates that Windows 7 will be the most secure Windows operating system to date.  He concludes that all but the many casual attackers will be frustrated enough to turn to easier routes of attack, such as social engineering schemes.

Windows 7's security is thanks in part to the OS patching routes to inject malicious code into the memory.  In previous Windows OS's, such as Vista, memory protections such as DEP and ASLR offered a degree of safety.  However, there were routes to get around these protections, relatively easily.  With Windows 7 blocking many of these routes and additionally with applications such as IE8, Firefox 3 and their plug-ins (Flash, Acrobat Reader, and QuickTime) at last utilizing these protections, Windows 7 is shaping up to be a very strong fort.

Additionally, Windows 7's XP Mode is likely to cause more headaches for attackers.  XP Mode is implemented using hardware virtualization extensions.  A common hacker tool -- rootkits -- rely on hardware virtualization and a special privilege level called VMX root mode.  With the OS now using hardware virtualization, attempts to gain the privileges necessary to launch the special hardware virtualization support needed by the rootkit tends to crash the OS or provide the user with warnings.  For this reason Blue Pill, one common rootkit, doesn't work well in Windows 7.

Many malware programs will also be crippled by XP-Mode.  This is because in the past Windows security software has used hardware virtualization extensions to detect malware.  It is common practice for malware to be written to not run on machines where hardware-assisted virtualization is detected.  However, as all Windows 7 Professional and Ultimate licenses come with XP Mode, this malware won't run on a large portion of Windows 7 installs.  Modification is possible, but this will be time consuming and frustrating to attackers.

Again, no system is impenetrable, and surely new attacks and tools for cyber criminals will be developed to assault Windows 7.  However, its safe to say that Windows 7 will be the most secure modern Windows OS to date. 

In an effort to capitalize on its newfound vigor and support behind Windows 7, Microsoft has already begun to launch new commercials to that showcase the benefits of the operating system.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Damn it....
By UrbanBard on 9/15/2009 12:10:09 AM , Rating: 2
"Intel Macs with Core 2 Duo processors were released in late 2006...The vast majority of PCs sold within the last 2 years shipped with Intel VT (or AMD-V which is equivalent) support, netbooks excepted."

I don't know what the numbers are. I suspect we'll have to wait for the proof of the pudding; that is, when System Seven is released. The truth will out then. What I had heard was that only the faster grade Core 2 processors had Intel VT hardware, thus the numbers were relatively low. I'm willing to be wrong on this. It's just what I heard.

"Leopard doesn't even support PowerPC systems at all. Apple was releasing new PowerPC G5 models as recently as 2005, only 4 years ago."

I fail to see the relevance of this remark. Once Apple announced its move to Intel in Aug 2005, it was understood that Apple would leave the PowerPC chips behind, sometime.

Five years is the normal cut off for Apple legacy hardware, so four years of warning is a year short. Those G5 PowerPC computers will be running fine for another three to five years. They just don't get any OS upgrades.

Apple is moving on, because x64 code wouldn't run on the PowerPC chip and PowerPC code wouldn't run the G5's any faster.

By optimizing on 64 bit Intel, Apple can take advantage of the increased registers in the Core 2 chips. But, we won't see the full effect of that until most of the apps are in 64 bit code.

An advantage of Apple is that it leaves behind obsolete hardware and software, so you always are leading edge. The disadvantage is that you can be obsoleted quickly. If you want the new you have to let go of the old.

How long is Microsoft going to support Windows XP?

"The fact that Windows 7 will even run on these older systems is a testament to their longevity. "

The question is if System Seven will run well enough to be useful on the old equipment. My understanding that System Seven runs better, but not faster than Vista. And Vista was a dog.

Usually, there is a greater turn over in PC's than Macs. What held things off for the last three years was that Vista was so bad that people kept from buying new computers or they down graded to Windows XP.

RE: Damn it....
By jordanclock on 9/17/2009 2:48:17 PM , Rating: 2
One question... Why do you keep calling it "System Seven?" It's Windows 7. Or just Win7.

RE: Damn it....
By MrPoletski on 9/18/2009 10:43:34 AM , Rating: 2
alliteration is the new stuff of hard-ons when it comes to tech talk, obviously.

"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki