Windows 7 security ‘still has room for improvement’

Windows 7 security looks encouraging, but there are a couple of areas that a Sophos expert is particularly concerned about.

Windows 7

A Sophos engineer has said he is impressed' with Microsoft's focus on security with the upcoming Windows 7, but said it still has areas to be concerned about.

In a blog entry, Sophos global sales engineer Chester Wisniewski highlighted a feature that he felt would be a "regression" from Windows Vista.

Previously in Vista, a user would be confronted with a red shield and pop-up alerting them if they were not carrying anti-virus. However, Wisniewski said that in Windows 7 it only showed a flag and a "tiny" red X to indicate something is wrong, with no pop-up.

He said: "Considering immediately on first login, Microsoft provides a dire warning about ensuring you have anti-virus protection, I find this a step backwards."

"Why have they regressed?," Wisniewski wondered.

He also said that extension hiding', where file extensions such as .EXE were hidden by default on Windows, needed to "go away". Wisniewski said that malware authors could take advantage of it, by as F-Secure describes it: "creating malicious files with double-extensions".

Despite the criticisms, Wisniewski was generally positive about Microsoft's attitude to Windows 7 security.

He said the Windows Biometric Framework' was a "step forward", which gave Windows 7 users alternatives to passwords when it came to authenticating themselves. However, this will only support fingerprint readers at launch.

Wisniewski praised Bitlocker To Go', which will give Windows 7 users the ability to encrypt removable storage such as USB sticks, and also the way it allowed older systems such as Windows XP and Vista the ability to access them.

Wisniewski was also encouraged by User Access Control, which focused on removing annoying prompts for non-Microsoft published applications.

He said: "This should better mirror the Mac OS X and Ubuntu Linux experience, providing the user with an opportunity to read and understand actions asking for approval, rather than clicking 'yes' to get rid of the nagware."

Microsoft has not replied to request for comment at the time of publishing. Windows 7 will be out on 22 October - click here for our review of the Windows 7 beta.

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now

Recommended

Sophos Central Endpoint Protection review: Because you’re worth it
endpoint security

Sophos Central Endpoint Protection review: Because you’re worth it

3 Aug 2020
Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
Virtualise Windows 7 under Windows 10
Microsoft Windows

Virtualise Windows 7 under Windows 10

5 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

3 Aug 2020