With such an immense user base, there must be a myriad of details you need to work on. What's the most significant security challenge Microsoft tackled while developing Windows 7?
No matter how good the technical protections are, it is important to help the user to make the best decisions that will help keep them safe from malicious users and software. Changes in UAC are an example of this sort of work to reduce the number of prompts all users will see while helping move the ecosystem to an environment where everyone can run as a standard (non-privileged) user by default. Other great examples include the new SmartScreen Filter and Clickjacking prevention technologies that are included with Windows 7 through Internet Explorer 8.
Is the rising skill level of malicious users combined with an increasing variety of attacks becoming a significant problem when developing something as demanding as a new version of Windows?
Clearly, the sophistication and motives of malicious users has changed dramatically over the past few years. We continue to work with security researchers and others to understand not only today’s threat landscape but tomorrows as well. This helps us build protections into the system that help secure your PC from acquiring and running code without the user’s consent. In addition, we continue to make sure Windows is resistant to both tampering and circumventing the protections within the system.
What has been the response of the security community to Windows 7 releases so far? Are you satisfied with the feedback? What have you learned?
The response by the security community to Windows 7 has been great so far. There has been some confusion about UAC and the changes we made there, but it provides a great example of how we can listen and work with the community to provide a product we can all be proud of.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.