You are here: Home / Operating Systems / Windows 7 Code Focuses on Security
Mobile Fraud Impact:
Device intelligence uncovers hidden layers of risk in mobile transactions.
Download the free report
Windows 7 Built Under Microsoft's Secure-Code Effort
Windows 7 Built Under Microsoft's Secure-Code Effort
By Carl Weinschenk / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus

Microsoft's Windows 7 will include several security upgrades over Vista and XP, but it's too early to say how dramatic the improvements will be, according to analysts. Andrew Storms, director of security operations of nCircle Network Security, said three specific items are expected in the new operating system due to be released Thursday.

Storms said Microsoft took a "big hit" when it loaded Vista with intrusive prompts asking people if they intended to perform a requested action. "In Windows 7 they are giving the user more fine controls over that," he said. "That makes it a little less annoying."

The second upgrade in Windows 7 is the capability of encrypting at the USB and FOB drive level. When Vista was designed, the amount of data that these portable drives could hold was comparatively small. That, of course, has changed and Microsoft will enable these drives to be more safely used.

Integrated Fingerprint Readers

The third advance focuses on mobile devices. In earlier versions of Windows, Storms said, fingerprint reading capability for notebooks was added through vendor software. In Windows 7, he said, it is integrated into the OS and looks "like another device."

Storms also pointed to two general changes. In Vista, two important security features were introduced into the OS kernel: Data randomization and data execution prevention. Functionality has been added around these features in Windows 7, he said.

Finally, he pointed out that Windows 7 is the first of a new breed of products from Microsoft. "They live and breathe by the new security life cycle management program," he said. "Windows 7 is the first release that is built from the ground up using the new system." He said the program focuses on writing secure code.

However, Storms said the significance of the upgrades is hard to assess before the OS is released. "The reason I am hesitant is that we heard a lot of the same stories when Vista came out," he said. "It proved to be more secure, but the jury is still out on whether it lived up to everything they said intended to be done."

In general, however, Storms said he is encouraged by the reaction of the company during the past decade, and that it's likely the improvements will continue. "They have shown this time and time again on multiple fronts, whether it's to be more communicative with the general public or the general decline in the number of bugs. There are enough data points to show they have come a long way in the last decade."

No Silver Bullets

David Perry, global director of education for Trend Micro, said there are improvements, but there are no sure things in the security world. "Windows 7 has a vast number of differences in security," he said. "It's a mature product of the company's security life cycle management program. Microsoft spent a lot of time securing all kinds of stuff. The kinds of things you would usually tweak later."

The problem is that to a great extent, the security focus is off the OS, Perry said. "These days most of the vulnerabilities and exploits we see are not operating system-based, but application-based. They are on things like Python, Adobe Flash, and AJAX. Nothing is a silver bullet, partly because the OS has inherent vulnerabilities from the programming languages used to write them. But Microsoft has done a lot of fantastic work. But it's not possible to make a silver bullet. Over half of the patches for the most recent patch Tuesday were for Windows 7."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
Product Information and Resources for Technology You Can Use To Boost Your Business

The Federal Trade Commission is voicing its concerns about the Internet of Things (IoT), suggesting several steps businesses should take to protect consumer privacy and security.
© Copyright 2015 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.