Securing the Windows 7 beta

Windows 7's "Action Center" alerts users if they don't have antivirus software installed, pointing them to a Microsoft Web site with links to download various antivirus software products.

(Credit: CNET News)

Despite the fact that security programs are often some of the toughest code to make work with a new operating system, Windows 7 already has several companies ready with products aimed at keeping it safe from attackers.

By comparison, only one antivirus firm--McAfee--had its security software commercially ready by the time Microsoft launched Vista for businesses in November 2006.

That said, it stands to reason, given that Microsoft was making far more dramatic changes to the operating system's underlying architecture in Vista than it is in Windows 7.

This time around, it is AVG, Kaspersky, and Symantec that have products that are being touted from Microsoft's site. McAfee said it will have support by the time Windows 7 launches, while Trend Micro is working to have a compatible product in the next month or so.

"It is great to see that these partners were able to have their solutions working so early in our development process," Microsoft's Brandon LeBlanc said in a blog posting.

Dave Cole, a senior director of product management at Symantec, said his company decided to offer up a test version of its Norton 360 product for use with Windows 7, even though the company knows there are still a few things left to work out.

"We determined that we could run reasonably well under Windows 7," Cole said. "There are bugs that we know about, but we're comfortable enough with the effectiveness of the product that when they called us to participate we took them up on the offer."

Having the support lined up is important to Microsoft, which built an "action center" into the operating system that warns users if it detects there is no antivirus software installed. The action center then points to a page on Microsoft's Web site with links to Windows 7-compatible security software.

The page lists Kaspersky, AVG, and Norton, but adds that "Microsoft is actively working with additional security software independent software vendors (ISVs) so that security software solutions will be available for Windows 7 Beta and (the final release of) Windows 7."

As far as Windows 7's approach to security, it appears to draw heavily from the investments the company made with Windows Vista.

The most notable change is probably the fact that users now have the option to choose how often they are required to authorize changes to their system. One of the most frequent criticisms of Vista was the annoyance of the User Account Control dialog boxes that forced users to authenticate many types of changes to their systems.

Microsoft spent a fortune securing Vista, both in engineering new features as well as in testing. The software maker corralled a significant chunk of the world's penetration testers to help poke at Vista ahead of its release.

The software maker plans some penetration testing for Windows 7, but declined to say how much or whether it would be comparable to its Vista effort.

CNET News' Elinor Mills contributed to this report.

[mjconver]

I've got nothing against people like Symantec making money, but when is Windows finally going to be secure? This is like GM selling all its cars without locks on the door.

[vamman]

Moron? Go find an average GM vehicle. Get a piece of flexible but sturdy piece of sheet metal that you can slide between the glass on either the drivers side or passenger door. Push the metal down between the glass and the door and push down while bending the steel back towards the outside of the door skin using the width of a pen. About 10 tries later you will unlatch the locking bracket and then pull up and you lock will pop up.<br /><br />Point for my comment is the fact that securing Windows, Mac, or Linux will never be truth always. There is always a hole or an exploit waiting to happen. However, in Vistas defence, there really hasn't been that many exploits in this OS. And Symantec is a piece of **** that will slow down your system immensely and has since the days of 95.<br /><br />We much prefer AVG or NOD32 on our systems.

[Penguinisto]

"Go find an average GM vehicle. Get a piece of flexible but sturdy piece of sheet metal that you can slide between the glass on either the drivers side or passenger door. Push the metal down between the glass and the door and push down while bending the steel back towards the outside of the door skin using the width of a pen. About 10 tries later you will unlatch the locking bracket and then pull up and you lock will pop up."<br /><br />Hey - that's just like Windows now! They claim to be secure, but anyone with the right bit of malware can pop the lock and get right in... <br /><br />(finally, an analogy that fits!)<br /><br />/P

[UITD]

Excuse me, but every time Microsoft adds something to its OS - fruitcakes like you ***** and moan anti-trust and sue them. So, **** baby.<br /><br />The REAL question is, when are we going to prosecute and imprison thugs that create viri and send spam? A bit of enforcement of laws would take care of these idiots for sure.

[Penguinisto]

@UITD:<br /><br />Dunno exactly how to tell this to a MSFT fanboy, but the A/V pestering is not a new feature. It's been around since XP Service Pack 2.<br /><br />(crap - are MSFT fanboys so damned ignorant, even about their own fave OS? *shudder*...)

[someguynamedbob]

how come everyone puts important info on there computers anyway?

[cnet_user_0]

Vista's UAC feature was the best thing that could happen in terms of securing the operating system. Not many like UAC because it is not easy to request for elevation of privileges via scripts for administrative tasks. <br /> <br />The best way to secure your PC is to work as a standard user. Windows Vista makes working as standard user easier than on XP because on Vista, the administrative user is effectively a standard user until he/she satisfies UAC's consent or credential prompt. <br /> <br />I have said good-bye to A/Vs on Windows XP and Windows Vista and work entirely as standard user. It's been two years now and my PCs have not yet been infected. It's a much better experience and you get the performance from programs that you expect instead of having A/Vs slowing them down.

[darthstupid]

As Bruce Schneier says, "Security Is A Process, Not A Product."<br /><br />Read why:<br />http://www.schneier.com/crypto-gram-0005.html#1

[RighteousSoutherner]

Amen UTD! It's about time we go after the hactivists and hang them by their nuts!! They are the real source of the problem. <br /> <br />RS

[tm_anon]

@OP<br />Windows will only be secure when your PC is not connected to the internet, has no place to plug in a keyboard or mouse, is not capable of having any modifications made and in fact is just a lump which will not even run when powered up. Even then, someone will find a way to exploit it.<br /><br />@vamman<br />When comparing a GM car to Windows you might want to point out that breaking into Windows is more like walking up to a car with the doors in the locked position but hanging wide open. No sheet metal required.<br /><br />@UITD<br />Spammers are already fined, virus writers are already prosecuted. The problem comes mainly because of the way viruses work in that tracking down the source is extremely difficult. A better education on how to handle files being recieved is a better choice. If it's from an unknown source, don't open it. If it's from a trusted source ask if they sent you a file, even if they say in the message "I sent you this file".<br /><br />@someguynamedbob<br />What kind of person doesn't? Resumes are written on computers, they contain personal information. Bank info is often kept for tax purposes, Businesses keep information on computers to make the cost of running the business go down.<br /><br />@cnet_user_0<br />I agree that UAC is necessary to run a more secure OS, that's why I switched to Ubuntu. UAC is something that has existed in a much more user-friendly fashion. The difficulties aren't in the process itself. Rather, the difficulties are in the implementation. On Ubuntu, unless I am constantly making changes to the core of my OS, I don't see the UAC. I turn on my firewall and that's the last I see of UAC for the next 3 days as I restart my computer every third day. As for running A/V, I do run it. I run it to protect those who still run Windows with A/V, like yourself. You're playing with fire by not running any but that's your choice.

[alegr]

Penguinisto, <br /> <br />If you can get people to use non-Administrator accounts, and teach them avoid running crap from e-mails, then XP/Vista is as good as Linux. The problem still exists between a chair and keyboard. As soon as trojan writers will start to care about Linux and OS X user base, you'll see those "Install this update immediately!" trojan emails with Linux- and OS-X aware payloads. And there will be enough suckers with your favorite OS, who follow the email instructions. Nothing beats old good social engineering.

[eriew]

I use McAfee as it comes free with my ISP as part of the service. After installing Windows 7 Beta on a PC that I built for testing, I went to the McAfee site only to learn that their suite is not compatible with the Beta. <br /> <br />I installed Norton trial version. Dammed if I will pay to put anti-virus software on a test machine! Supposedly they sent me a key to unlock the trial version. I haven't installed the key yet or studied closely the license Terms and Condition. Hurry up McAfee, the Trojans are lined up and waiting to get in.

[protagonistic]

Try the Kaspersky beta. You get a 90 day trial license and can be up and running right away. So far it is looking good. It will be a long time before I ever use another Symantec program. I betas tested just about avery piece of software they put out for years. I finally gave up when none of the critical bugs I was finding got fixed before the release. Not to mention the software started causing more trouble than it prevented.

[Lerianis]

What 'critical bugs' are you talking about, protagonistic? If you won't mention what they are, then there are not any. Personally, I have had NO problems with Symantec products for the last 5 years. Before then, I was always having to run the 'Norton Clean Tool" in order to get rid of every Symantec entry on my machine when I installed a new version of their software... since then.... haven't had to do it but once, when a really bad crash scrambled Norton system files.

[nvexyzzy]

None of the touted antivirus programs work in the 64-bit verison. Nor do any others I tried. All lead to a BSOD, some faster than others.

[wolivere]

I been runnin Kaslersky on the 64 bit version with 0 issues.

[kavonbor]

I installed AVG FREE and it is working without issue. I have a home-built AMD Athlon 64 pc. <br />I guess it just goes to show that ever single configuration is different and so every user will experience different results. <br />I'd recommend un-installing Windows 7 beta, and re-installing. Check drive space, etc., etc., the basics. <br /> <br />For the record I love Windows 7...I havent paid for a Windows OS since Win95 but I will absolutely buy Win7. I've been running XP until now.

[kenpm]

I've been using Avast and AVG on Vista 64-bit for a year. Now I'm using Avast on Windows 7. So there are AV apps that have no problem with 64-bit.

[leogmafire001]

Avast! works really well and installs as a 64-bit version. Have had 0 issues with Windows 7. Try it.

[nvexyzzy]

I did try AVG again; nforce mb with latest drivers. Still fails with BSOD....

[Maclover1]

This a "no **** really" article. 7 is Vista with more bug fixes. All the security companies had to do was probably tweak existing code to work with the better UAC....IF ANYTHING AT ALL.<br /><br />I like 7, but lets be honest, it could almost be Vista SP2. It feels like Vista finished to me. 98% of it looks like Vista. XP was a tweaked 2000, but it had more changes that 7 does compared to Vista.<br /><br />7 = Vista SP2 with a name change to hopefully spur corporate sales.

[ZetaZeta_]

Service Packs don't add features. Never have. Never will. People need to get this SP2 mentality out of their head.<br />This is more like "Windows NT 6.1" than anything else.

[Penguinisto]

Probably more like "Vista R2" than just an SP.

[quasi42vt]

@ZetaZeta:<br /><br />"Service Packs don't add features. Never have. Never will."<br /><br />Uh...wrong. XP SP2 was a nearly a complete rework of Windows XP/ XP SP1. It added a plethora of new features and functions the majority of which were admittedly "behind the scenes" with less UI changes than Win7 has over Vista but for all intensive purposes, WinXP SP2 could easily have been considered a new Windows OS.<br /><br />MS could have rebranded it as such but they didn't. I suspect that the bad rep that surrounds Vista has a lot to do with moving away from the Vista name even though I have to agree that Win7 is the equivalent of what XP SP2 was to the original XP/XP SP1.

[darthstupid]

ZetaZeta_:<br /><br />Service Packs probably shouldn't add features but they often do. Just as an example, the initial release of XP as well as SP1 lacked built-in WiFi access point selection. It was added in XP SP2.<br /><br />There are many other features added in SP2 as well:<br />http://en.wikipedia.org/wiki/Windows_XP#Service_Pack_2

[BrandonLive]

"7 = Vista SP2 with a name change to hopefully spur corporate sales." <br /> <br />This is an incredibly ignorant comment. Vista SP2 is a collection of bug fixes and a few small out-of-band updates collected together. It is a "sustained engineering" project and not even developed by the Windows engineering team. <br /> <br />Windows 7 has been worked on by thousands of engineers for 2+ years, it has significant changes at every layer (you don't rewrite the shell, make massive changes to the kernel's scalability, or add several hundred new features in a service pack).

[facepunch32]

keep yapping pen, like a little dog, all youre little slams, yet go stand in frys electronics and watch how many pcs sell even with all your little crying

[chrisaroz]

I'm running Avast just fine on Windows 7 64-bit...

[Starderup]

Me too.

[leogmafire001]

Me too. Avast! Rocks!!

[Penguinisto]

No different from Vista or XP, really - they all bugged you to get an A/V package. <br /><br />So, err, where's the big feature here? The screen even looks just like the Vista version.

[mickeymjay]

I have to disagree Penguinisto. Windows 7 doesn't continue to bug you about it. I think the updated action center is much better. <br /> <br />There really isn't much in big features for antifirus programs and Windows 7. However, if your refering to Windows 7 with "where's the big feature here" statement, then I wonder if you have even tried using the software. First, the taskbar change is a big feature. The major update to the windows caculator is another major update since I can't remember when it was changed. Then you have paint and wordpad. Another major change is how Windows 7 handles home networking. Homegroup is a nice and easy home networking feature.

[Penguinisto]

"I have to disagree Penguinisto. Windows 7 doesn't continue to bug you about it. I think the updated action center is much better."<br /><br />Vista has this right now... so again I have to ask - where's the newness here?<br /><br />"However, if your refering to Windows 7 with "where's the big feature here" statement, then I wonder if you have even tried using the software"<br /><br />Yep. I'm also typing this on a Vista (x64) machine, where I can flip over and see the same thing that Ina is touting in the article. Your point? ;)<br /><br />"First, the taskbar change is a big feature"<br /><br />cosmetic changes are not really features ;)<br /><br />"The major update to the windows caculator is another major update since I can't remember when it was changed. Then you have paint and wordpad."<br /><br />I'm really sorry... but... seriously? I'm supposed to spend $$$ in upgrades just to get a new revision of calc.exe, paint.exe, and wordpad? <br /><br />Okay, look... before this goes too far south, let's simplify this a bit: Windows 7 is a slight improvement on Vista, mostly in how it manages resources (e.g. you don't have to have a minimum of 4GB just to get it to run worth a damn). OTOH, everything I see in it (yes I have the beta), aside from some minor cosmetic bits, are already present in Vista. As in, you can get all of this right now, as long as you don't mind the bloat and bugs that Vista brings with it. <br /><br />The reason I asked where the big feature was, is because the thing Ina keeps pointing to, I can pull up a near-exact copy of right now... in Vista.

[Vegaman_Dan]

Penguinisto: <br /> <br />Good grief, you cannot be possibly this stupid and ignorant. But I could be wrong. Let's find out: <br /> <br />RE: Updated Action Center: <br /> <br />"Vista has this right now... so again I have to ask - where's the newness here?" <br /> <br />WRONG. This is a new feature. If you used the product instead of making uninformed bigoted postings, you would know this. <br /> <br />"Yep. I'm also typing this on a Vista (x64) machine, where I can flip over and see the same thing that Ina is touting in the article. Your point? ;)" <br /> <br />IMPOSSIBLE. You have stated publically many times in the past (and just this week in fact) that you do not own, use, or support *ANY* Microsoft product. You bragged about it in fact. Now you say you're using Vista 64 on a system? Which is true? You either lied about not having/using/supporting Microsoft products earlier, or you're lying now. You can't have it both ways. Which lie do we believe now? You just got caught telling another big one. Credibility: ZERO. <br /> <br />RE: Taskbar changes <br /> <br />"cosmetic changes are not really features ;)" <br /> <br />Um, yeah... so here you have demonstrated you have never seen or actually have used the product. If you had, you would have been all over how clumsy it is at 0first, how the Quicklaunch bar is missing, etc. You wouldn't miss an opportunity to bash Microsoft like that and here you just proved yourself not to have any experience at all. Is this another lie? <br /> <br />RE Vista and 4Gb of memory: <br /> <br />"e.g. you don't have to have a minimum of 4GB just to get it to run worth a damn). " <br /> <br />Wow. What complete and utter FUD this is. But hey, let's use your tactic so people can get the real experience. Did you know it takes32Gb of memory to get Linux to work decently? <br /> <br />Sheesh, do you honest think people reading your comments here actually are so stupid as to believe your lies? Do you get tired telling them? <br /> <br />It's not even hard to spot them anymore. <br /> <br />So folks, you heard it here- Penguinisto is using Windows now. But just wait, tomorrow he'll claim once again that he has never used Vista and doesn't use any Microsoft products. He's done it befoer and will do it again just like he did here.

[D3vildog699]

I have installed many 3rd party programs into a four year old Hp DV2000 laptop... i can't get it to crash. I have tried and tried. Nothing, im really impressed (Pissed off that this what vista could have been) but nonetheless impressed. <br /><br />The task bar needs work but the Aero is much better.. <br /><br />And if Cosmetic Changes aren't features.. how do you explain Macs?

[hunkyboi69]

I've been using Win 7 x64 for 3 days constantly now and I have to say, for a beta, the system core is rock solid. A few of the apps have a few quirks, but the system is amazingly stable. <br />I downloaded Kaspersky Beta, as I have used Kaspersky for many years and always found it to be better than the other 'leading' brands, both for bloat and performance. It works fine except they haven't updated the databases for a few days so it keeps moaning about it. <br /> <br />I think some of the nobheads on this board just want to bash Microsoft, but...it is looking like a damn good OS at the moment from how it's performed so far with me.

[facepunch32]

pen....youre obviously not gonna use it so why do you care so much.......get a life

[mickeymjay]

I have tried a few different antivirus programs. First, I tried AVG Free edition. It works with no problems but slowed down my system. I then redid my system and installed NOD32. It was very fast. Didn't notice my system slowing down at all. The last antivirus program I tested after reinstalling Windows 7 beta was Norton 360 that Windows 7 had a link to. I was expecting my system to slow down, but it was a very quick install and the system runs about the same as it did when I installed NOD32.

[Starderup]

Avast has a free anti-virus solution on their website (the Home version). Don't pay for software unless you have to.<br />I have used Avast! for years, and never gotten a virus on 98, XP or Vista.

[a_flores]

I installed Avast Home in my Windows 7 beta and it works well.

[itproblemsolver]

I have ESET NOD32 installed on Windows 7 Beta. It works fine.

[P_F_M]

Kaspersky works fine on W7 64.

[mmagliaro]

Well, since Windows NT (when I started using Windows), I have never, ever, used an anti-virus product or a firewall, and I have gotten nailed exactly zero times. It's called self-discipline. Turn off NetBIOS, don't use IE or Outlook, don't share your drives to the network, and work behind a router -- ALWAYS.<br />Don't open email attachments, from anyone, under any circumstances, unless you expected them to send it, or you manually open them in a safe program (i.e. do NOT open images in a web browser, open them in an image editor. Do not open movie or music files in Media Player. Use some non-Microsoft thing).<br /><br />This may sound extreme, but it really is not hard at all. And it's a lot faster and more secure than depending on these anti-virus things that are always behind the curve.

[Lerianis]

No, it is not. I do all those things and MORE, and I still have had a virus sneak onto my system from time to time, so the fact is that you are being a 'snake oil' salesman here.<br />You simply NEED AN ANTI-VIRUS.... the only thing you have been..... INFINITELY LUCKY, thus far.

[random truth]

You forgot a couple things.<br />1. Dont look for cracks.<br />2. Dont try to pirate<br />3. Dont look for serial codes<br />4. Dont look at porn.<br />5. Dont use limewire

[nvexyzzy]

I see several have gotten some anti-virus stuff to work on the 64-bit version. None did for me and this was on a clean install with nothing else loaded. I suspect it must then be my combination of mobo network conenctions, video and the software. Kaspersky died quickly in one of it's routines (kdy.sys, I think). , Avast and AIG died in tdi.sysalmost immediately. Norton died also in tdi.sys but took about a half hour before it bombed. <br /> <br />Since removing them all, no problems for the last 3 days.

[MrSviess]

Ah ha ha ha ha ha ha ha ha, you guys just keep telling me that I'm in such a minority that that is why I don't have hackers plaguing my sorry-ass system. I've been working at 100% technology efficiency for over twenty years and I don't have AV crap on my machine, guess why? Yup you guys really think you are still WAY better off and are really getting your money's worth using those "affordable" computers, well keep talking and spending and finagling and fixing your aging system that may very well NEVER be secure, I'm heading off to carelessly browse the net and flaunt my vulnerability to those hackers who apparently only want to cause M$ users pain. And just like the school ground bullies only harass the weak minded and stupid I'm beginning to see why they target that segment, later chumps?

[tm_anon]

You do realize that Linux can be hacked and, if given a reason such as stupidity, it will be. I'm a Linux user, have been for a month and plan on continuing to be for life. The problem in a Linux machine has always been the user. If you go around saying "I'm immune to viruses, I'm immune to viruses" someone will write a virus specifically to shut you up. Sure, on a Windows machine it takes almost nothing to write a virus that will destroy the OS without the user even having to run the virus manually. It's not impossible to do in Linux, it's just more difficult. Security vulnerabilities are everywhere, they just tend to be patched more quickly in Linux. It's much easier to write something specific to take down your arrogance.

[Lerianis]

tm_anon.... actually, most times, when a virus 'totally destroys a system' on Windows PC's.... it's because someone has been stupid enough to run something they damn well shouldn't have.<br />I have YET to see a virus capable of causing mass damage WITHOUT USER INPUT on anything since Windows XP SP2.

[ebingert]

Your constant and pointless rants on this forum just indicate your own insecurity with your choices. Why do you feel the need to bring MS users down? Shouldn't you stop wasting your time hating on other people when you've made it clear how much you enjoy using your beloved Mac? If Macs are so great and MS is SO terrible then why haven't I ever had ONE virus as a MS user? It's not that I don't use the internet. And if you thought my previous comment was akin to "blatant racism" then this one of yours could be compared to elitism and bigotry the way you talk about poor people their affordable computers.<br /><br />And if you've been using Macs for over 20 years, you sound terribly immature for someone your "age".

[laxmanchip]

I, too, installed AVG Free with no issues.

[BeauGiles]

OneCare can also be tricked to run under Windows7, has worked just fine for me - http://beaugiles.net/2009/01/how-to-install-and-use-onecare-on-windows-7at-your-own-risk/

[ferretboy88]

Having the Mac people come in here and talk smack makes me want to buy two copies of windows 7 now.

[JuggerNaut]

Heck for the price of 2 copies of Windows you could get 2 Macs instead!

[Mark_Anderson]

I think you mean Big Macs.

[ferretboy88]

I am using windows 7 right now with my custom built water cooled quad core. Its is sweet.

[odaynasser]

Windows 7 Facebook Fan Page:<br />http://www.facebook.com/pages/Microsoft-Windows-7/39012423321

[enegma905]

123654

[wolfpacker1993]

"Go find an average GM vehicle. Get a piece of flexible but sturdy piece of sheet metal that you can slide between the glass on either the drivers side or passenger door. Push the metal down between the glass and the door and push down while bending the steel back towards the outside of the door skin using the width of a pen. About 10 tries later you will unlatch the locking bracket and then pull up and you lock will pop up." <br /> <br />microsoft is trying to do what many car companies (such as honda) are also trying to do. change the type of locks on their doors to keep that from happening while also adding to the sleekness and user-ability of the car/OS. that old trick their only works on the cars that have little rods that stick up to lock or unlock the car. many new cars are getting little "switch type things" next to the handle that u have to flip and this can not be mimicked from the outside. microsoft is tyring to do the same type fix for windows 7.