Microsoft has attempted to address many of the complaints about its Vista and XP operating systems with upgrades to Windows 7. Windows 7 introduces several new technologies to make it more difficult for illicit programs to download and run. The new OS also features improved system-management controls and available file encryption. A few of the improvements include:
• Parental Controls allow parents to set limits on computer use, create blocks of time during which computer use is disabled or allowed, and monitor/block certain kinds of games and programs. And the parental controls in the Windows Media Center allow parents to prevent movies and music with restricted ratings from playing without their permission.
• The latest Microsoft web browsers, Internet Explorer 8 & 9 have made the Windows operating system significantly more secure. New features of the browsers include multiple filters, domain highlighting (to make it easier, for instance, to tell that the domain you are visiting is secured and utilizing encryption – https = green – or suspicious), and data execution prevention (DEP) which prevents code from running on a system that can take advantage of Windows exception handling.
• The new Windows 7 Action Center
ensures that the firewall is on, that the installed antivirus software is up to date, and that the computer is set up update automatically. The Action Center uses color-coding to indicate the potential importance of the message the Action Center is displaying. The Action Center interface also allows data backup and low-level troubleshooting and diagnostics.
• Microsoft has also implemented a security feature called Address Space Layout Randomization (ASLR) to make it more difficult for hackers or identity thieves to find and access important system files.
• The new Windows Direct Access program allows users to connect securely to an organization’s network using a VPN, permitting users to work in groups on a secured network.
• Built-in Applocker software restriction controller allows system and network administrators to decide what programs are allowed to run and when – preventing both users and programs from running programs or scripts that are unsecured and preventing certain kinds of programs from being able to download “updates” that decrease system security.
• Bitlocker Drive Encryption allows the encryption of data and passwords, so that even if a computer is stolen, the data will be very difficult to access. The program also allows data to be encrypted on external drives and devices (USB drives, cds, etc.). (Bitlocker is available in Enterprise and Ultimate editions of Windows 7.)
• Windows 7 also allows computers to be secured with fingerprint scanners, preventing unauthorized access of machines.
• The Windows 7 built-in firewall monitors everything entering and exiting the system. This can help
prevent harmful traffic from moving into a system and also prevent a computer from being commandeered by a botnet to help perform illegal activity on the computers of others.
• DNSSec integration allows Windows to verify the security and authenticity of websites by communicating with the server hosting the site before allowing it to load – decreasing the likelihood that users will unknowingly visit fraudulent or unsafe sites.
• Windows Back-up and Restore provides multiple options for backing up data, preventing large-scale data loss in the event that a hard drive becomes inoperable.
• Windows Defender, built into Windows 7, works much like a lightweight antivirus program, monitoring programs that attempt to perform operations on a system, providing community updates, and allowing spyware and malware scans.
• Windows 7 also makes it easier for the individuals who use a computer to run as Users instead of Administrators. Based on the way that the Windows privileging system works, programs inherit the permissions of the person on the computer when they start and run. System Administrators have unlimited privileges to alter system files, so if a malicious program enters a system while the user is the System Administrator, it is privileged to perform operations that will destabilize the system and make it very difficult to remove. By relegating most activity to User status rather than Administrator, Windows has made it more difficult for illicit programs to gain escalating privileges.
Sources: Microsoft, TechNet, and PC World