More about Windows 7 Security
About two months ago I purchased a laptop running Windows 7 Home Premium. Like so many others, I never bought Windows Vista, and my only experience with Vista was in trying to help Vista users who had a question or experienced a problem that they could not solve. I never liked Vista. As I look back on my experiences with the operating system, I think that the combination of the 3D desktop, performance problems, and dialog boxes popping up everywhere and just about all the time pretty much precluded my chances of feeling favorable towards this operating system. Ads that portrayed Windows 7 as much more user friendly and favorable reports from early Windows 7 users convinced me that I needed to try this operating system.
I’ve owned my Windows 7 laptop for a little over two months now. In general, I like this operating system (although I very much miss some of the features of my Mac, so much that I sometimes go back to using it, especially for multi-media functions). I’m glad that the 3D desktop has disappeared, and the I cannot for one second complain about the performance, which certainly is due in large part to my running the 64-bit version of this operating system. I also like the fact that I by default login as an unprivileged user, something that greatly reduces risks such as visiting malicious Web sites or opening email messages that contain a malicious attachment. As in Vista, the Windows User Access Control (UAC) feature pops up a dialog box whenever I am about to engage in a potentially risky action from a system stability and/or security standpoint. I must admit that after being annoyed by having been presented with hundreds of such dialog boxes, I have tuned them out. I now barely skim the text within each such dialog box before clicking “Yes,” but I now think I would rather have UAC than to not have it.
Windows 7 also has some more annoying features. Until my boss showed me a setting to change the default cursor/pointer behavior, I found that the pointer sometimes ended up in strange places, normally in an extreme corner of the screen, when I had no intention of making it move in such a manner. Additionally, windows used to re-size themselves seemingly out of nowhere and the Windows 7 “snap” feature in which two windows on a display suddenly butt up to each other, each taking half of the screen, is something that some users may appreciate, but I am not one of those users. I like the way the cursor/pointer and window sizing worked in Windows XP and other previous versions of this operating system—why change something that has worked so well?
Already a number of vulnerabilities in Windows 7 have been identified. One of the most serious is a vulnerability in the Server Message Block (SMB), the protocol used for file and printer sharing, which if exploited can cause denial of service. This vulnerability also exists in Windows Server 2008. Another is in UAC, which works just fine with applications that involve interaction with users, but not when a third-party application invokes code by proxy via a built-in Windows application. In this case UAC does not prompt users concerning whether or not they want to continue when something potentially risky (e.g., when invoked code may be malicious) is about to happen. Worse yet, any malware that is invoked runs with full Administrator privileges.
One of the most troublesome vulnerabilities in Windows 7, however, is in connection with the Virtual DOS Machine (VDM), something that was first built into Windows NT when it was first released in 1993 so that 16-bit applications could run in 32-bit computing environments on 386 and higher architectures. The problem is with BIOS calls in the Virtual-8086 mode monitor code. An unprivileged malicious user running a 16-bit application on the VDM can issue calls that escalate privileges and ultimately gain complete control of the system. This flaw exists in all Microsoft operating systems with a VDM, meaning that this vulnerability has existed in Microsoft operating systems for a long time.
Microsoft has not yet released a patch for this serious vulnerability, but several workarounds can be used. One possible workaround is for someone with Administrative privileges on Windows 2003 and up to modify a Group Policy setting that prevents 16-bit applications from running. One has to invoke the Group Policy Editor, then go to Computer Configuration -> Administrative Templates -> Windows Components -> Application Compatibility and set this option to “True.” This will prevent any access to the VDM.
No operating system is perfectly safe from a security point of view. I’ll take Windows 7 security over Windows NT or Windows 2000 security any day. And it is nice that Windows 7 is more user friendly than Windows Vista. But the presence of legacy vulnerabilities in this newest release of the Windows operating system genuinely troubles me. It is well time for Microsoft to take a cue from OpenBSD, in which new code is written to replace patched code in each subsequent release of this operating system. Copying this practice will not solve all the legacy vulnerability problems in Windows operating systems, but it would at least be a good start.