Windows 7 Security Features
Windows 7 Security Improvements
Malware Protection
- Malware is malicious software designed to perform unauthorized acts on your computer. It is a large category of software that includes worms, viruses, and spyware. The least critical effect of malware is degraded system performance. Many times, computers with malware experience sig- nif cant slowdowns and system instability. A more critical concern is that malware can steal your personal information. For example, some malware is known to capture online banking informa- tion that can be used to steal money directly from your account.
- Install an antivirus program with real-time protection.
- Keep all elements under the Security heading in Action Center set to On.
- Only install software from sources you trust.
- The User Account Control (UAC) is one feature implemented in Windows 7 to control malware. By prompting users when software attempts to take administrative control, users are informed that software is manipulating their machine. Users can then deny the software access to make the changes.
- Windows Defender is a real-time spyware monitor to prevent the installation of and remove spyware. Spyware is a threat to privacy and often makes systems unstable.
- Internet Explorer has been modified to run in a limited state, called protected mode, in which user files cannot be modified. This means that even if an exploit is found for Internet Explorer, the exploit will not be able to manipulate the computer.
- A phishing filter has been added to prevent unauthorized Web sites from stealing log-on credentials and other personal information.
- Most Windows exploits that are used to install malware are the result of flaws in Windows services. Unlike applications that only run when initiated by a user, services are always running and represent a greater opportunity to attack. As well, in previous versions of Windows, services ran with high privilege levels. Windows services have been hardened in Windows 7 to reduce the impact of a flaw in a Windows service.
- Some of the changes in Windows 7 to harden Windows services are:
- Each service is given a SID number. Previous versions of Windows did not apply SIDs to services. With a SID assigned to each service, access to resources can be controlled for each service.
- Services run with a lower privilege level by default. In previous versions of Windows, many services ran as LocalSystem, which has full access to the local computer and operating system. Most services now run as LocalService or NetworkService, with lower privilege levels.
- Unnecessary privileges for services have been removed. For example, the ability to perform debugging is not required for services.
- Windows Firewall can control network access based on service SIDs. Unauthorized services are blocked from accessing the network.
- Services are isolated and cannot interact with users. Preventing user interaction stops malicious software from communicating with services and exploiting flaws.
Here are three essential things to remember to protect your Windows 7 computer:
Read more about malware at:
http://www.symantec.com/norton/security_response/malware.jsp.
Read more about User Account Control at:
http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx.
For more information about Windows Defender, visit:
http://www.microsoft.com/windows/products/winfamily/defender/default.mspx.