Sophos: Windows 7 UAC Fails to Block Majority of Malware

Jason Mick

November 06, 2009

One of the most unpopular features of Windows Vista among casual users was User Account Control (UAC). Ironically, while UAC provoked irate comments from these users, like “why is my computer asking me to approve everything”, it was also one of the features power users appreciated most, as it gave them much more control over their security and the ability to prevent inappropriate actions.

With Windows 7, Microsoft pledged to go the OS X route on this topic, tuning the UAC’s warnings down to a lesser level. Many security firms complained about this approach and Microsoft relented slightly, restoring some of the UAC’s warnings, in particular a warning about disabling the UAC altogether (experts showed that attackers could disable the UAC without prompting the user in early builds of Windows 7).

While these changes helped make Windows 7’s release edition more secure than the test builds, the UAC’s default setting is still neutered compared to Vista’s robust solution, according to Sophos Senior Security Adviser Chester Wisniewski. He has just completed a study in which he attacked Windows 7 with malware to see how the new UAC responds.

Of the ten pieces of malware tested, Windows 7 wouldn’t install two of them.  Of the remaining eight only one generated a UAC warning, allowing the user to disallow its installation.

Microsoft officials, though, minimized the test, saying the UAC just isn’t that important a security feature anymore. They point to Windows 7’s improved memory protections and Microsoft’s free Security Essentials antivirus suite as two critical tools that can be used to fight infection, in addition to the UAC.

States a Microsoft spokesperson, “Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware; this includes features like Security Development Lifecycle (SDL), User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP).”

“Windows 7 retains all of the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released,” the spokesperson added. “Coupled with Internet Explorer 8—which includes added malware protection with its SmartScreen Filter—and Microsoft Security Essentials, Windows 7 provides flexible security protection against malware and intrusions.”

While he understands that with other supplemental protections Windows 7 will likely be safe, Mr. Wisniewski seems mildly disapproving of defaulting the UAC to reduced functionality. After all, users of Windows Vista may be lulled into a false sense of security, expecting prompts to save them from malware. Ultimately, there’s little that can be done to convince Microsoft to change this, and he concludes, “Lesson learned? You still need to run antivirus [protection] on Windows 7.”

© 2009, DailyTech