Windows 7 Virus Vulnerabilities: Is It Getting Better?


« Virus Writers Turning to Online Games | Main | Critical Security Vulnerabilities in Adobe Shockwave Player »

11/04/2009



Windows 7 Virus Vulnerabilities: Is It Getting Better?

Kevin R. Smith
Co-Editor


There's a lot of hoopla about how much better Windows 7 is than prior versions at keeping viruses and other malware at bay and keeping people safe online.

What's the reality though?

Are the default settings in the Windows 7 User Account Control (UAC) all that's needed to protect your PC?

A lot of people want to know, and here's what we found out from antivirus vendor Sophos.

"We grabbed the next 10 unique samples that arrived in the SophosLabs feed to see how well the newer, more secure version of Windows and UAC held up.

"Unfortunately, despite Microsoft's claims, Windows 7 disappointed just like earlier versions of Windows.

"The good news is that, of the freshest 10 samples that arrived, 2 would not operate correctly under Windows 7."

Hrm... well, that doesn't sound good. Does the UAC work at all?

As it turns out, yes. In the Sophos' tests they saw that the UAC blocked 1 of the malware samples. At least that's a start.

Chester Wisniewski, the writer of the piece, goes on to say,

"User Account Control did block one sample; however, its failure to block anything else just reinforces my warning [Editor's note: registration required] prior to the Windows 7 launch that UAC's default configuration is not effective at protecting a PC from modern malware.

"Lesson learned? You still need to run anti-virus on Windows 7.

"Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that 'The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3.'"

We'll go a step further. It isn't just antivirus software these days that's needed. It's firewall software, too.

Putting the two together (along with solid antispyware), as the Internet security suites do, along with using the Windows 7 UACs offers the best, most complete combination of software to protect your PC.

That said, is the upgrade to Windows 7 worth it from a security standpoint?

We think so.

Regardless of the failure of it to block 9 in 10 sample malware, that's what it's doing today. Give the engineers at Microsoft some time with their next service packs for Windows 7, and they'll no doube improve it even more.

Another thing to consider is that the sample size of 10 viruses isn't terribly big. With a greater number of threats, more representative of those you might actually encounter online, the UACs may help thwart some of the viruses.

But, as we see here, there's still no substitute for antivirus software.

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.