Windows 7 users have the same old security problems

The release of Windows 7 doesn’t herald an improvement in computer security, simply because criminals are targeting other programs that the operating system has to run, according to security experts.

In an interview with IT PRO, Panda Security technical director Luis Corrons said that the new operating system will not make the slightest bit of difference in the never-ending battle against malware.

Corrons said that a few years ago the security of Windows itself might have been the problem, and that’s what hackers would target. Now criminals were looking less at Windows and more at applications it will run, such as Adobe Reader and Flash, as well as browsers.

For example, in Apple’s recent patch for the Safari browser, the flaws that were fixed had made Windows 7 users vulnerable to hackers.

“At first going after the operating system made sense, such as with Windows 95/98... They had security holes and had no automatic updates that you have now," he said.

“Since Windows XP, automatic updates have been turned on by default. Everyone gets an update as soon as Microsoft releases it," he added. "So [criminals] have started to focus on different products that you have running on your computer.”

Corrons said that Microsoft had a very difficult job because it had to balance security with usability, but he did say that the Redmond company had improved a lot in the last five or six years.

“Microsoft is listening to us. We give it some advice, it takes it into account and makes the required changes,” said Corrons.

Commercial success for Windows 7 would keep or even grow Microsoft's market share, but that this would mean it remains the main target for cyber criminals.

“If there is one main platform, the more resources criminals will use on it to find new holes,” he added.

Panda Security’s managing director for UK and Ireland Petter Laudin said that no operating system could be 100 per cent secure, unless a user decided not to access the internet at all.

Windows 7 doesn’t "wipe the slate clean"

He said that Microsoft was well aware that its older operating system had vulnerabilities and did try to put in security features for Windows 7. But he claimed this wasn’t what was needed to combat cyber criminals.

“It’s not so much about technology any more. It’s just as much about social engineering that can trick you into giving them money, regardless of what kind of operating system you’re on,” Laudin said.

Ian Aitchison, technology director at network security company Avocent, said that general feedback from his company’s customers showed that Windows 7 was a “slight” improvement in terms of security, but “wasn’t going to change the world”.

“It’s not going to make security risks go away," he said. "The jobs and the solutions that organisations are using to manage security are still needed."

Email to a friend

Print this page