Out of the box, Win 7 less secure than Vista

Out of the box, Win 7 less secure than Vista

Summary: According to a well respected security firm, Microsoft's flagship Windows 7 operating system is less secure in its default configuration that Vista.


According to a well respected security firm, Microsoft's flagship Windows 7 operating system is less secure in its default configuration that Vista.

Trend Micros CEO Raimund Genes believes that Microsoft has put usability ahead of security:

"I'm not saying Windows 7 is insecure, but out of the box Vista is better."

"I was disappointed when I first used a Windows 7 machine that there was no warning that I had no anti-virus, unlike Vista. There are no file extension hidden warnings either. Even when you do install anti-virus, warnings that it has not been updated are almost invisible."

"Windows 7 may be an improvement in terms of usability but in terms of security it's a mistake, though one that isn't that surprising. When Microsoft's developers choose between usability and security, they will always choose usability."

Interestingly, Genes believes that the XP Mode feature present in some editions of Windows 7 actually improves security because it makes available a sandboxed OS. Other security firms (in particular Sophos) have criticized XP Mode, labeling it a security risk because it needs to be patched separately.

So, for a more secure Windows 7, Trend Micro recommends upping your UAC setting higher.

Topics: Windows, Microsoft, Operating Systems, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • usability and reliability outrank security everytime

    As Microsoft seen with Vista. They learned is i make a secure OS and throw user-friendly out the window well we all know how that worked out. I don't care how secure a security company like symantec or trend micro say the OS is if it is not user friendly it will not sell period. Also hardware is the same a linksys router out of the box is insecure you have to secure it. However a Cisco router out of the box is secure and you have loosen it up a little. Same applies here with Windows 7 MS loosen it up a little so i you want to Vista secure it go ahead
    • Excuse me!

      Excuse me.... "usability and reliability outrank security every time" is rather a silly thing to say, since INSECURITY always tends to make things LESS RELIABLE, and therefore all the LESS USABLE, and not the other way around!
      • wooosh

        You obviously missed the point, he meant from a business perspective, it sells better. Customers don't care about security much until AFTER they run into issues, and even then they quickly forget.
        • Well the main reason for me to choose to buy windows 7 over xp

          Well the main reason for me to choose to buy windows 7 over XP. Is the fact that it crashed less often and is more secure.
          • They have changed UAC in build 7600 anyway

            Its not the same as the beta or the rc.
          • True

            However i still run Xp in the enterprise and will continue to for a little while. However when i do make the move it will be to Win7.
          • Hi Adrian!!! Thought I would stop by...

            An remind you that you as to what a shill you are.

            I have more respect for crap I scrape off my shoes that I do the worthless garbage you post here. Same worthless sh!te over and over and over. Toll bait for mouth breathers.

            I get bored just reading it. I could not imagine anyone with a shred of dignity signing there name something like this.
          • Crashed less then XP!?!? WOW!!

            I have XP on 3 good computers at home, and in the last 4 years I estimate about 4 crashes, all quickly recoverable, between all three computers. No crashes in the last 3 years on my XP based work computer.

            If Windows 7 handily beats that I hope we have heard the last of the dumb-ass "Apple guy" commercials claiming that using Windows results in unending non-stop crashes.
          • It's not that Windows itself crashes...

            It's when you install poorly written software on Windows, XP didn't do a great job of protecting itself against that bad software. This was especially true in the drivers, and is why video drivers on Vista could do less harm than their XP counterparts, but also ran about 10% slower. 64bit does an even better job of isolating bad code, as there's no shared addressing at all in 64bit, and ALL 64bit drivers must be signed by default (it can be turned off but DON'T).

            The next step needs to be full application sandboxing, similar to what you see now on iPhone, Android, and Symbian OS. The level of paranoia on mobile devices is healthy for security, as it keeps one application from doing ANYTHING to another application but still allows for communication and sharing through system services. It's time to bring this to the desktop, and doesn't require virtualization to work, just strict checking of file IO by the system APIs.
        • In terms of Windows 7...

          ... users are treating it the same way as they do Macs. People hear Win 7 is great so they want it, they still hear stories about Vista's Home Basic and pre-SP1 Vista, and refuse to try it. There is nothing wrong with Vista's usability, and unless someone is VERY into shortcuts and is VERY picky with how windows are sized/etc, they will never notice a difference in vista/7 in terms of general usage.

          People refuse to try Vista, or don't know what they're buying and get home basic bundled with a cheap pick-up-and-go laptop or desktop (usually a dell) and then complain. People get Win 7 and use it, then get 500 bugs and brush it off when somebody else fixes it, and praise it as the best Windows ever blah blah blah.

          They don't forget, or ever care about security, as far as they're concerned, if it's win 7 it rules, and if it works, they don't care what's wrong with it.
          D2 Ultima
          • I'm not saying you are entirely wrong

            but MY personal experience is quite different. I have an HP Pavilion 6000 with 2GB ram that came preloaded with Vista Home Premium - this prior to any of the service packs. It was a pretty OS but to me incredibly sluggish and hard to work with. So I took out Vista and installed XP home and noticed a HUGE difference. About a year later I reinstalled Vista because of all the hype of how SP1 made things better, how SP2 was even better... and I was very disappointed once again.

            Enter Windows 7... THIS is what Vista should have been. It's is fast, responsive, and pretty. It does everything I need it to do far more quickly than Vista could ever hope for and so far I've had no issues with bugs or anything that impeded anything I tried to do with my machine. And on my Dell XPS desktop it is even better.

            As far as I'm concerned I tried Vista and found it lacking. I took another gamble with Windows 7 and the 3-user upgrade pack and so far it's been great. DT you throw a lot of conjecture around as far as Vista and 7 is concerned, have you ever tried 7?
          • Yes I have

            And I found some bugs that affect what I do, and what many other users would do as well. I'll admit it is quick, it runs about as fast as XP, but between Vista and 7 I see no real difference in speed on any of *my* machines. I also keep seeing people using windows 7 (especially on forums) and complaining about bugs upon bugs. If you check posts between a few years before 7 (SP1+ vista) there are far less bugs that people encounter. I got Home Premium Vista SP1 first last year and I have never had problems with it. It was on an HP pavilion laptop as well. 3GB RAM, dual core 1.83GHz processor, 250GB Hard Drive.

            I now use Vista Ultimate SP1 (because SP2 does have some problems) and I never get any problems with the OS itself, and very little problems with 3rd party programs. It may be my knowledge of the OS, but everybody I've ever set up Vista for has not complained at all about problems with how it works. People with windows 7 encounter problems and don't even know it, they just tell me "x just doesn't work, I need win XP" or "y isn't for win 7 cuz it doesn't run" etc. And at which point I show them it works on my vista machine, which should allow it to work on 7, or change some settings/run as administrator/etc and get their "problems" to work. But if it was vista, they call and complain that their stuff isn't working. It's just their attitude toward the OSes... There's a mental block to vista, and a mental openness/lax attitude toward 7.

            I'm not saying you used it and found it nice, nor that you were not impressed by Vista, but most of the users who use it and find it nice have UAC disabled and basically have it running a-la-Win XP. That's just my observation and conclusion
            D2 Ultima
          • Wrong

            The bugs you speak of are not Windows 7 related but are due to the fact the "application" is not compatible with Windows 7, that is not a Microsoft problem but a problem of the user not checking compatability.
          • @bckerr

            I know it isn't a problem with the OS itself, though I *have* encountered OS-related problems. But the thing is, the same origin of problems happen, and users react one way to Vista and another way to Windows 7. It's much the same way as the joke statement "Macs don't crash. They simply stop responding due to an incompatible application and restart the machine to fix the problem". Where anybody with 1/4 a brain reading it realizes that it's a crash.

            I'm not discussing the reliability/compatibility of the OSes themselves, but rather that people just treat them differently for no factual, logical or otherwise substantial reason other than one is Vista and the other is Windows 7.
            D2 Ultima
      • Security Trumps Reliability

        I agree....security is KING!
        • Try that working as an IT manager/CIO

          security is king in your mind. However in the real enterprise world you have users power users and stupid users. Most of them being on the latter. So your security is king logic would never fly in the corporate IT world. Granted you have to have security but it has to be done in a way that is not evasive to your end users.
        • I couldn't disagree more

          I agree that security is important insofar as it keeps your system running and your data from being compromised.

          The bottom line though is that your computer's entire reason for existence is as a tool to get work done. If said security renders the machine unusable, the security is worthless.

          Security and usability are ALWAYS a tradeoff. The most secure computer is one that's unplugged - but it doesn't get much work done. By the same token, an unprotected machine is likely to expose your data and end up not working - at least not very well.

          You always have to decide how much security you want and how much risk you're willing to accept to accomplish what you want to get done.

          It's true in real life and it's true in computing - regardless of OS, hardware platform or software company.
        • If that were the case...

          ...we'd all be running Solaris with Trusted Extensions.
      • Well this is because of people that don'tknow what there doing

        They want average people to buy there product to.So they can make more money then they can tweak the security as they go along. The more user friendly and reliable the more people will buy it. For Harry the home owner usability and reliability outrank security every time If they dont know how to use it or it keeps crashing they will be less likely to buy it. they can and security to it latter there is a lot of other programs to people can buy to help secure there system.

        Thank you,
        Have a great day,
      • You are missing the point

        Security is part tech and part human. " There is no patch for human stupidity"