As always malware and mass infections is a numbers game so the bad guys will always target the most popular and prolific operating systems to increase their chances of widespread infections.
For me personally UAC in Windows Vista was simply a pain in the ass, so much so I just turned it off completely as did most people rendering it completely ineffective. They seem to have toned it down in Windows 7 to make it less invasive and perhaps as a byproduct have made it less effective.
A researcher at Sophos reports putting Windows 7’s User Account Control feature to the test and finding the technology failed to block numerous pieces of malware. Microsoft, however, stresses that UAC is only one part of Windows 7’s security.
A researcher at Sophos called the UAC feature in Windows 7 ineffective after numerous pieces of malware snuck by the technology in a test.
Microsoft first introduced User Account Control in Windows Vista to improve security. After some users complained the number of alerts it generated were annoying, the company pledged to cut down on the number of prompts in Windows 7. The move however has raised concerns in the security community, and Sophos Senior Security Adviser Chester Wisniewski said his test proves Microsoft took it a step too far.
Wisniewski wrote on his blog Nov. 3 that seven of the 10 pieces of malware he tested ran with the default AUC enabled in Windows 7 without generating any prompts. As part of the test, no antivirus software was installed on the system. Two of the malware samples did not work in Windows 7; of the remaining eight, only one generated a prompt, and that one still would have been installed had the user clicked yes, Wisniewski told eWEEK.
I’d imagine it only throws an alert if the software being installed tries to modify system files or place itself in system directories (c:/windows etc).
That would make sense to me, and yes it would make it ineffective against malware and even more ineffective when the bad guys work out how it functions and adapt to that.
Nothing much new here though is it, run anything on Windows XP and you’ll get no warnings..so just be vigilant. I’d rather Microsoft try an educate people on good security practice rather than trying to implement half-arsed technical measures to protect against wetware ignorance.
When asked about the test, Microsoft officials pointed to the other features of Windows 7 that have improved security.
“Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware; this includes features like Security Development Lifecycle (SDL), User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP),” a spokesperson said.
“Windows 7 retains all of the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released,” the spokesperson added. “Coupled with Internet Explorer 8—which includes added malware protection with its SmartScreen Filter—and Microsoft Security Essentials, Windows 7 provides flexible security protection against malware and intrusions.”.
All the above technologies are great and they do help a LOT when it comes to exploitation of vulnerabilities and trying to execute shell-code. But that’s not the biggest threat, the biggest threat is idiot users installing malware ‘by accident‘ on their own computers.
So yes, however obvious it may seem to us – you still need to install Anti-virus software on Windows 7.
- Tiger – Unix Security Audit & Intrusion Detection Tool
- Egress-Assess – Test Network Egress Data Detection
- Just-Metadata – Gathers & Analyse IP Address Metadata
- Windows Vista & Windows 7 Kernel Bug Can Bypass UAC
- Measuring up the Security Risks for Mac – Are Apple Prepared?
- Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,683 views
- Password Hasher Firefox Extension - 117,431 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,630 views