Microsoft is continually adding security mitigations to its Windows operating system, with Windows 7 being the company’s most secure platform to date.
The variety of mitigations in the company’s OS are not designed as impassible barriers, since in fact, given sufficient time and resources, all can be bypassed successfully.
But then again software security is more like a chess game, with Microsoft needing to stay one step ahead of attackers.
Provided that the company manages to make it extremely complex or very expensive for cybercriminals to prey on Windows users, it will also successfully divert attacks and keep them safe, without the need for actual security barriers in the code.
However, all Windows mitigations are useless if they’re switched off. I’m following the software giant’s Patch Tuesday releases closely each month, and I can tell you that on more than one occasion the security mitigations in the latest releases of Windows make it harder for attackers to exploit vulnerabilities, while users still running Windows XP are more exposed to risk.
KB969417 deals with helping customers improve computer security, as Microsoft put it. The Knowledge Base article offers a Fix it solution, namely automatic diagnostics and fix capabilities for Windows security issues.
While it works with Windows 7, it’s also designed to function, at least to some degree, with older versions of Windows.
“On a computer that is running Windows XP, Windows Vista, or Windows 7, you can enable the following security features to improve computer security:
- Windows Internet Explorer Phishing Filter (in Internet Explorer 7) or SmartScreen Filter (in Internet Explorer 8 and Internet Explorer 9)
- User Account Control (UAC)
- Data Execution Prevention (DEP)
- Windows Firewall.”
Even with Windows 7 being the last release of Windows, additional protection implies that features such as SmartScreen Filter, UAC and DEP be enabled.
Running with any of these security mitigations disabled simply means that users make it that much easier for attackers to exploit vulnerabilities on their machine and compromise their computer.