backtop


Print 107 comment(s) - last by weskurtz0081.. on Nov 11 at 8:55 AM


Windows 7 may be more secure, but its UAC is less functional than Windows Vista's, according to a recent security study. The study suggests that only antivirus protection can properly protect Windows 7.  (Source: Switched)
Antivirus protection still necessary, says firm

One of the most unpopular features of Windows Vista among casual users was the User Account Control (UAC).  Ironically, while the UAC provoked irate comments from these users, like "why is my computer asking me to approve everything", the feature was one of the most appreciated features by power users as it gave them much more control over their security and ability to prevent inappropriate actions.

With Windows 7, Microsoft pledged to go the OS X route on this topic, tuning down the UAC's warnings to a lesser level.  Many security firms complained about this approach and Microsoft relented slightly, restoring some of the UAC's warnings, in particular a warning about the disabling the UAC altogether (experts showed that attackers could disable the UAC without prompting the user in early builds of Windows 7).

While these changes helped make Windows 7's release edition more secure than the test builds, the UAC's default setting is still neutered compare to Vista's robust solution, indicates Sophos Senior Security Adviser Chester Wisniewski.  He's just completed a study of attacking Windows 7 with malware and seeing how the new UAC responds.

Of the ten pieces of malware tested, Windows 7 wouldn't install two of them.  Of the remaining eight only one generated a UAC warning, allowing the user to disallow its installation.

Microsoft officials, though, minimized the test, saying the UAC just isn't that important a security feature anymore.  They point to Windows 7's improved memory protections and Microsoft free Security Essentials antivirus suite as two critical tools that can be used to fight infection, in addition to the UAC. 

States a Microsoft spokesperson, "Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware; this includes features like Security Development Lifecycle (SDL), User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP)."

"Windows 7 retains all of the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released," the spokesperson added. "Coupled with Internet Explorer 8—which includes added malware protection with its SmartScreen Filter—and Microsoft Security Essentials, Windows 7 provides flexible security protection against malware and intrusions."

While he understands that with other supplemental protections Windows 7 will likely be safe, Mr. Wisniewski seems mildly disapproving of defaulting the UAC to reduced functionality.  After all, users of Windows Vista may be lulled into a false sense of security expecting prompts to save them from malware.  Ultimately, though, there's little that can be done to convince Microsoft to change this, though, and he concludes, "Lesson learned? You still need to run antivirus [protection] on Windows 7."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

UAC
By bradmshannon on 11/5/2009 2:09:30 PM , Rating: 5
I never really saw the UAC as an anti-virus tool. I always just saw it as an anti-spyware/malware tool so you didn't accidentally install something that you didn't want to.

Maybe I'm wrong though...




RE: UAC
By stromgald30 on 11/5/2009 2:21:13 PM , Rating: 2
Agreed. It's just a tool to prevent accidental/unknown installations or operations that could hurt your OS.

Isn't there something called Windows Defender that does malware control? That's what should be tested. More than likely, it was turned off when they did the test.


RE: UAC
By Spivonious on 11/5/2009 2:34:35 PM , Rating: 2
Windows Defender has been effectively replaced by Security Essentials. If you haven't tried it, I highly recommend it. It takes up next to no resources and from what I read (haven't gotten a virus myself in 15 years) it does a good job picking up malware.

It's completely free.


RE: UAC
By jonmcc33 on 11/5/2009 4:17:01 PM , Rating: 2
I agree. I have switched all my computers to it. It founds malware that Avast did not.

One weird thing is that it keeps putting weird locked folders on the root of the C: drive. Not that most people even look there but if you browse through My Computer you will see them. I did a search on the internet and found others having the same issue? Microsoft should just make those folders hidden.


RE: UAC
By Kuroyama on 11/5/2009 2:35:58 PM , Rating: 2
Windows Security Essentials, mentioned in the article, is a free anti-virus program and includes Windows Defender. It can be downloaded off MS's web site.

While I normally approve of anti-monopoly regulations, an operating system should provide a secure platform. The EU should leave MS alone on this and allow them to bundle it with Windows, but I guess MS has gotten tired of paying huge fines and didn't try to push it.


RE: UAC
By jonmcc33 on 11/5/2009 4:14:49 PM , Rating: 2
No, it does not include Windows Defender. Installing Microsoft Security Essentials (MSE) actually disables Windows Defender.

You'll notice that after installing MSE you will not get prompted for anymore Windows Defender automatic updates.


RE: UAC
By kmmatney on 11/6/2009 12:46:29 AM , Rating: 2
Security essentials does protect against virues and spyware so your good, though (assuming Spyware and malware are the same)...


RE: UAC
By mixpix on 11/5/2009 4:26:14 PM , Rating: 2
Agreed.

Also, welcome to 3 days ago DT! :P


RE: UAC
By Hoser McMoose on 11/5/2009 6:41:38 PM , Rating: 1
quote:
I never really saw the UAC as an anti-virus tool. I always just saw it as an anti-spyware/malware tool

These days the difference between virus, spyware, ad-ware, malware, trojans, etc. has become very blurred.

Most of these programs are designed to do a variety of tasks now, first and foremost to allow the loading of other software. So you have viruses that are designed to load ad software, ad-ware designed to self-replicate and hide itself, etc. etc.

UAC won't block all these things but it does play a role in reducing what some of them can do. More importantly though is that it makes it MUCH easier (trivial in fact) to run Windows as a non-administrator. THAT is the real benefit of UAC if you ask me.

NOBODY should feel the need to use Windows Vista or Windows 7 logged in as an Administrator in my mind.


"If you look at the last five years, if you look at what major innovations have occurred in computing technology, every single one of them came from AMD. Not a single innovation came from Intel." -- AMD CEO Hector Ruiz in 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki