Windows 7 may be secure, but are Windows users safe?
Windows 7 users got a nice surprise on Tuesday when Microsoft released its first set of security patches since unveiling the new operating system last month. Of the 15 bugs patched, none affected Windows 7.
When Microsoft launched Windows 7, it was billed as the company's most secure release ever -- the culmination of a nine-year "Trustworthy Computing" effort to shore up a product line that had been riddled with major security holes.
But does stress-tested software really matter to Microsoft's customers, seemingly besieged by more online attacks than ever before? Microsoft had years to improve Windows XP, but the Conficker worm, which began spreading last year, is now thought to have infected more than 7 million Windows machines. And for every Windows bug that gets squashed, hackers seem to find new problems in the software that runs on top of Microsoft's operating system -- Flash Player, QuickTime and Java.
"Windows 7 is definitely by far the most secure system they've shipped," said Dave Aitel, chief technology officer with Immunity, a security company that spends a lot of time finding the latest software bugs. "I guess the question that everybody is asking right now is, 'Is this enough?'"
The man behind Microsoft's Trustworthy Computing initiative, Chief Research and Strategy Officer Craig Mundie, says the industry still has work to do. “We’ve made huge progress with respect to security around the core OS technology in the Windows PC," he said in a recent interview. "But as we did that and the 'Net became more prevalent, the bad guys continued to evolve their attacks."
This is Microsoft's conundrum. Windows may be safer, but cyber-criminals still have plenty of other places to attack. And when you can hit hundreds of millions of users with a single attack, why change the game plan? So most of the worst attacks today still target PCs running Windows, whether the OS itself is secure or not.
Windows 7 users got a nice surprise on Tuesday when Microsoft released its first set of security patches since unveiling the new operating system last month. Of the 15 bugs patched, none affected Windows 7.
When Microsoft launched Windows 7, it was billed as the company's most secure release ever -- the culmination of a nine-year "Trustworthy Computing" effort to shore up a product line that had been riddled with major security holes.
But does stress-tested software really matter to Microsoft's customers, seemingly besieged by more online attacks than ever before? Microsoft had years to improve Windows XP, but the Conficker worm, which began spreading last year, is now thought to have infected more than 7 million Windows machines. And for every Windows bug that gets squashed, hackers seem to find new problems in the software that runs on top of Microsoft's operating system -- Flash Player, QuickTime and Java.
"Windows 7 is definitely by far the most secure system they've shipped," said Dave Aitel, chief technology officer with Immunity, a security company that spends a lot of time finding the latest software bugs. "I guess the question that everybody is asking right now is, 'Is this enough?'"
The man behind Microsoft's Trustworthy Computing initiative, Chief Research and Strategy Officer Craig Mundie, says the industry still has work to do. “We’ve made huge progress with respect to security around the core OS technology in the Windows PC," he said in a recent interview. "But as we did that and the 'Net became more prevalent, the bad guys continued to evolve their attacks."
This is Microsoft's conundrum. Windows may be safer, but cyber-criminals still have plenty of other places to attack. And when you can hit hundreds of millions of users with a single attack, why change the game plan? So most of the worst attacks today still target PCs running Windows, whether the OS itself is secure or not.
