According to foreign media reports, Chester WisnIEwski, senior security consultant at Sophos, a British security company, said that although Windows 7 has greatly improved security, Windows 7 still cannot effectively protect against malware.
exploits
cybercriminals typically use two methods to install malicious software on the user's PC. When a user browses a webpage with an attack code, if the user's Windows program or third-party application has a security vulnerability, the attacker will use these vulnerabilities to install the malware.
contrast, social engineering to trick users to download and install the bot software. For example, some attackers will send you an email with a PDF document, and as soon as you open the PDF document, you will trigger an Adobe Reader vulnerability. American security research will RuiBo Systems, Inc. (BreakingPointSystems)
director H.D.Moore representation, Windows7 defense can attack multiple target software vulnerabilities. For example, IE8's security model protects against ActiveX attacks.
address space randomization layer Windows7 (AddressSpaceLayerRandomization, hereinafter referred to as ASLR) will increase the difficulty of the attacker was found in the computer memory to run the program vulnerabilities. The Data Execution Prevention (DEP) feature can prevent attacks that exploit vulnerabilities.
Davis Mourinho Chomsky said: "Despite the Windows7 ASLR and DEP helps protect more applications (compared to Vista), but the two security features do not cover all applications. "
Vista more secure than XP?
to better understand the security features of Windows7, we may wish to discuss the security features of Vista.
Microsoft for the first half of 2009 (prior to the listing Windows7) of a Security Intelligence Report (SecurityIntelligenceReport) showed low infection rates in the latest (installing the latest updates) Vista than XP, the latest of 62%.
However, considering the Vista users are generally mostly technical staff, so Vista users infection rate is lower than the XP users.
but Davis Mourinho Chomsky this view, Vista's ASLR and DEP functions also play an important role. Now that Windows 7 has improved these two security features, we have reason to believe that they will continue to work.
HDMoore said: "The malware threat will not disappear and many attackers will likely continue to threaten the new operating system, we should be vigilant.."
for the user, rather than program
exploits may be difficult to threaten Windows7, social engineering attacks are still very dangerous.
2009 Nian 10 Yuefen, Sophos malicious programs using 10 models of Windows7 UAC function is tested. The test results show that eight of the programs can be run. Only one of the eight programs needs to be closed after UAC is turned off, and the remaining two are completely inoperable.
Sophos test to prove two points. First of all, the Windows 7 UAC feature was not designed to intercept malware, so users should not expect too much from it.
Secondly, if an attacker to trick you download a Trojan horse program, ASLR and DEP can hardly have any effect. IE8's SmartScreen feature prompts users when they download unidentified files from a web page, but malware can circumvent this security policy.
social engineering attacker can even invade the user's social network account, send hide malicious software URL to their friends. Therefore, Windows 7 users must not be taken lightly on malware.