With Windows 7, Microsoft
pledged to go the OS X route on this topic, tuning down the UAC's
warnings to a lesser level. Many security firms complained
about this approach and Microsoft relented slightly, restoring
some of the UAC's warnings, in particular a warning about
disabling the UAC altogether (experts showed that attackers could
disable the UAC without
prompting the user in early builds of Windows 7).

While these changes helped make Windows 7's release edition more secure
than the test builds, the UAC's default setting is still neutered compared to Vista's
robust solution, indicates Sophos Senior Security Adviser Chester
Wisniewski. He's just completed a study of attacking
Windows 7 with malware and seeing how the new UAC responds.

Of the ten pieces of malware tested, Windows 7 wouldn't install two of
them. Of the remaining eight, only one generated a UAC warning,
allowing the user to disallow its installation.

Microsoft officials, though, minimized the test, saying the UAC just isn't that
important a security feature anymore. They point to Windows 7's
memory protections and Microsoft's free
Security Essentials antivirus suite as two critical tools that
can be used to fight infection, in addition to the UAC.
States a Microsoft spokesperson, "Windows 7 is built
upon the security platform of Windows Vista, which included a
defense-in-depth approach to help protect customers from malware;
this includes features like Security Development Lifecycle (SDL),
User Account Control (UAC), Kernel Patch Protection, Windows Service
Hardening, Address Space Layout Randomization (ASLR) and Data
Execution Prevention (DEP)."
"Windows 7 retains all
of the development processes, including going through the Security
Development Lifecycle, and technologies that made Windows Vista the
most secure Windows operating system ever released," the
spokesperson added. "Coupled with Internet Explorer 8—which
includes added malware protection with its SmartScreen Filter—and
Microsoft Security Essentials, Windows 7 provides flexible security
protection against malware and intrusions."

While he understands that with other supplemental protections Windows 7 will
likely be safe, Mr. Wisniewski seems mildly disapproving of defaulting the UAC to
reduced functionality. After all, users of Windows Vista may be
lulled into a false sense of security expecting prompts to save them
from malware. Ultimately, though, there's little that can be
done to convince Microsoft to change this, and he concludes,
"Lesson learned? You still need to run antivirus [protection] on

quote: Troj/FakeAV-AFY is a Trojan for the Windows platform.
Troj/FakeAV-AFY communicates via HTTP with the following locations:
freeavtest . com
When Troj/FakeAV-AFY is installed it creates the file <Temp>\asp2009.exe.