HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 6 MINUTES AGO.
You are here: Home / Windows Security / Windows 7 Code Focuses on Security
BMC IT solutions:
IT products & services for the ultimate competitive business advantage.
BMC.com
Windows 7 Built Under Microsoft's Secure-Code Effort
Windows 7 Built Under Microsoft's Secure-Code Effort
By Carl Weinschenk / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
OCTOBER
20
2009



Microsoft's Windows 7 will include several security upgrades over Vista and XP, but it's too early to say how dramatic the improvements will be, according to analysts. Andrew Storms, director of security operations of nCircle Network Security, said three specific items are expected in the new operating system due to be released Thursday.

Storms said Microsoft took a "big hit" when it loaded Vista with intrusive prompts asking people if they intended to perform a requested action. "In Windows 7 they are giving the user more fine controls over that," he said. "That makes it a little less annoying."

The second upgrade in Windows 7 is the capability of encrypting at the USB and FOB drive level. When Vista was designed, the amount of data that these portable drives could hold was comparatively small. That, of course, has changed and Microsoft will enable these drives to be more safely used.

Integrated Fingerprint Readers

The third advance focuses on mobile devices. In earlier versions of Windows, Storms said, fingerprint reading capability for notebooks was added through vendor software. In Windows 7, he said, it is integrated into the OS and looks "like another device."

Storms also pointed to two general changes. In Vista, two important security features were introduced into the OS kernel: Data randomization and data execution prevention. Functionality has been added around these features in Windows 7, he said.

Finally, he pointed out that Windows 7 is the first of a new breed of products from Microsoft. "They live and breathe by the new security life cycle management program," he said. "Windows 7 is the first release that is built from the ground up using the new system." He said the program focuses on writing secure code.

However, Storms said the significance of the upgrades is hard to assess before the OS is released. "The reason I am hesitant is that we heard a lot of the same stories when Vista came out," he said. "It proved to be more secure, but the jury is still out on whether it lived up to everything they said intended to be done."

In general, however, Storms said he is encouraged by the reaction of the company during the past decade, and that it's likely the improvements will continue. "They have shown this time and time again on multiple fronts, whether it's to be more communicative with the general public or the general decline in the number of bugs. There are enough data points to show they have come a long way in the last decade."

No Silver Bullets

David Perry, global director of education for Trend Micro, said there are improvements, but there are no sure things in the security world. "Windows 7 has a vast number of differences in security," he said. "It's a mature product of the company's security life cycle management program. Microsoft spent a lot of time securing all kinds of stuff. The kinds of things you would usually tweak later."

The problem is that to a great extent, the security focus is off the OS, Perry said. "These days most of the vulnerabilities and exploits we see are not operating system-based, but application-based. They are on things like Python, Adobe Flash, and AJAX. Nothing is a silver bullet, partly because the OS has inherent vulnerabilities from the programming languages used to write them. But Microsoft has done a lot of fantastic work. But it's not possible to make a silver bullet. Over half of the patches for the most recent patch Tuesday were for Windows 7."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
BMC's shared success is built on 6 fundamental principles: 1) An Intuitive User Experience 2) Agile Application 3) Actionable Intelligence 4) Adaptive Automation 5) Compliance & Risk Mitigation 6) Optimized Infrastructure & Cost. Contact BMC to learn more.
MORE IN WINDOWS SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Sony is no stranger to breaches. Sony’s PlayStation Network was hacked in 2011 and attackers obtained 77 million user accounts. The latest attack comes against Sony Pictures Entertainment.

MOBILE TECHNOLOGY SPOTLIGHT
In its bid for the wearables market, Sony is reportedly developing a watch made out of electronic paper for release as soon as next year. The e-paper watch will emphasize style over tech innovations.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.