Windows 7 Known Security Flaws - Reduced User Warnings
One of the least popular features in the Windows-based operating systems was the constant stream of security pop-ups. As it turns out, the majority of end users did not enjoy having an endless parade of bubbles pop up to inform them of events that were relatively routine. Sure, it is nice to know when someone is trying to access your system illegally, but you really do not need to know each and every time one of your legally installed programs needs to make a connection.
In an attempt to pacify those unhappy consumers, Microsoft has made some changes to the end user warning system. In the classic damned-if-you-do, damned-if-you-don't fickle world of technology, the changes are now making security pundits unhappy. The real complaint is not with the reduced notifications, but with the potential for real security threats to fly under the radar.
The objection arises when a user sets their controls to medium. On the medium setting, a user can allow certain programs to run automatically without setting off a warning. That's a great way to reduce pop-ups, if the programs running are ones that you know should be in your system. If the program, however, is malicious, or malicious code happens to be lurking inside valid software, this medium setting becomes a conundrum.
On the medium setting, a malicious piece of software can go about its business without the end user ever getting a warning. In fact, there's a malicious bit of code that could be used to turn off the user warnings altogether when the user isn't looking. That means that it is possible for a piece of software to get administrator-level rights to a system without notification.
Granted, this is much more likely if the user is already running as an administrator on the system. Nonetheless, since many home-based users do actually run the computer on one account, which is by default the administrator account, it leaves a potential gap in security that users should be made aware of before they choose a security level.
While the new warning system is not perfect, it is still a step up from the one on the previous operating system, Windows Vista. Many users found the original incarnation of these pop-ups to be so incredibly annoying that they turned off the security altogether. This means that while Windows 7 gives you some shot at being notified, a Vista system with the annoying alerts turned off gives you no chance of being notified.
Since the initial beta run, Microsoft has made some changes to the user account controls in Windows 7 that will help to keep notifications for privileged operations intact. While this may help to reduce the risk associated with using the medium and lower notification settings, it is by no means a panacea.
Then again, one must also consider the possibility that secure personal information can be taken off the system without involving any privileged operations. As a matter of fact, there are several ways to gain access to a system, or to the personal information of the user, without entering that privileged operations area, which means that the activity falls right back into the no-notification zone.
The options are relatively obvious. When you use Windows 7, either you keep the user account controls set to high notification, or you do regular checks to ensure that your system is not compromised. If you're not doing anything that you know you shouldn't be, and you are running regular virus scans on your system, then setting your controls to medium may not be much of a detriment. The real issue arises if you're relying solely on Microsoft, and the operating system's built-in controls, to protect your system.
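To confirm which notification level a Windows 7 machine is actually on, the script below reads the UAC policy values from the registry and flags the configurations discussed above. It is an added example, not code from the original article; the level labels and findings text are its own, and it assumes the article's "medium" corresponds to the Windows 7 default level.

```powershell
# Added example, not from the original article. Reads the UAC policy values and
# reports the notification level. Level names below are this example's own labels.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {
    param($EnableLUA, $ConsentPromptBehaviorAdmin, $PromptOnSecureDesktop)
    # A missing value means the level cannot be determined from this key alone.
    if ($null -eq $EnableLUA -or $null -eq $ConsentPromptBehaviorAdmin) { return 'Unknown' }
    if ($EnableLUA -eq 0) { return 'Disabled' }
    switch ($ConsentPromptBehaviorAdmin) {
        0 { return 'NeverNotify' }
        2 { return 'AlwaysNotify' }
        5 { if ($PromptOnSecureDesktop -eq 1) { return 'Default' }
            return 'DefaultNoSecureDesktop' }
        default { return 'Custom' }
    }
}

$p = Get-ItemProperty -Path $key
$level = Get-UacLevel $p.EnableLUA $p.ConsentPromptBehaviorAdmin $p.PromptOnSecureDesktop

# whoami lists the Administrators SID even when the token is filtered by UAC.
$isAdminAccount = [bool](whoami /groups | Select-String 'S-1-5-32-544')

$findings = @()
if ($level -eq 'Disabled' -or $level -eq 'NeverNotify') {
    $findings += 'Elevation prompts are off: privileged changes happen without notice.'
}
if ($level -eq 'Default' -or $level -eq 'DefaultNoSecureDesktop') {
    $findings += 'Changes made through Windows settings elevate without a prompt.'
}
if ($level -eq 'DefaultNoSecureDesktop') {
    $findings += 'Prompts are shown on the normal desktop, not the secure desktop.'
}
if ($isAdminAccount -and $level -ne 'AlwaysNotify') {
    $findings += 'Daily-use account is an administrator and UAC is below the highest level.'
}

"UAC level: $level (administrator account: $isAdminAccount)"
if ($findings.Count -eq 0) { 'No findings.' } else { $findings }
```

The script only reads settings and needs no elevation; it says nothing about activity that never touches a privileged operation, which still calls for the regular checks mentioned above.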
More By Katie Gatto