Pender's Blog

Blog archive

Windows 7 Under Attack

Already? It's been not quite a month since Microsoft finally let Windows 7 into the wild, and wouldn't you know that hunters are already taking shots at it.

Or, at least, they can see the targets on its back. This week, Microsoft offered advice on how to deal with a zero-day vulnerability that appears to be the new operating system's first post-release flaw.

The problem, as you surely know by now, is with the SMB networking protocol in Windows 7 and Windows Server 2008 R2. Microsoft says that anybody who knows how to put up a decent firewall shouldn't feel the effects of the flaw, which could include denial-of-service attacks. (Hey, where were those denial-of-service attacks on Vista when we needed them? Heh heh. OK, that's the last one. We promise. Probably.)

Perhaps more worrying, though, is the potential for Trojan attacks to follow a Windows 7 activation hack that somebody came up with last week. The idea is -- as it usually is with a Trojan attack -- that Trojans could disguise themselves as Windows 7 activation hacks and fool users. However, Microsoft has said that if the Windows 7 activation Trojans are as harmless as the current USC Trojans, users should have no reason to worry. (OK, Microsoft didn't really say that. But it's kind of true.)

All of this is, of course, pretty much par for the course when it comes to Windows, and nothing here seems serious enough to warrant panic. But these stories are just an example of how complex an OS really is and how quickly and easily ne'er-do-wells can find a way to ruin it.

And they do makes us wonder whether the risks of cloud computing -- so well-documented here and elsewhere over the last couple of years -- are really that big of a deal after all. And it makes us wonder how much longer the huge, complex OS as a concept has to live...but that's another entry for another time.

What's your take on Windows 7 security? Have you had any serious problems with it yet? Send your stories to lpender@rcpmag.com.

Posted by Lee Pender on 11/18/2009 at 1:22 PM


Featured

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

  • Windows 10 Version 1809 Users May Get Visual Studio Crashes

    Microsoft on Friday issued an advisory for Windows 10 version 1809 users about possible Visual Studio crashes.

  • Standardizing the Look of Outlook's Outbound Messages

    Microsoft typically gives users a blank canvas to compose new e-mails in Outlook. In some corporate environments, however, a blank canvas isn't a good thing.

  • Windows 10 'Semiannual Channel Targeted' Goes Away This Spring

    Microsoft plans to slightly alter its Windows servicing lingo and management behavior with its next Windows 10 operating system feature update release, coming this spring.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.