Microsoft is continually adding security mitigations to its Windows operating system, with Windows 7 being the company’s most secure platform to date.
The variety of mitigations in the company’s OS are not designed as impassible barriers, since in fact, given sufficient time and resources, all can be bypassed successfully.
But then again software security is more like a chess game, with Microsoft needing to stay one step ahead of attackers.
Provided that the company manages to make it extremely complex or very expensive for cybercriminals to prey on Windows users, it will also successfully divert attacks and keep them safe, without the need for actual security barriers in the code. More »
When it comes down to bulletproofing systems, users should always opt for the latest releases of the Windows client. Volume eight of the Microsoft Security Intelligence Report (SIRv8) makes this perfectly clear, per the Operating System Trends analysis performed by Microsoft with data gathered from in excess of 500 million computers worldwide. Windows 7 RTM and Vista SP2 are the apex of security for the Redmond company as far as Windows clients are concerned.
Infection rates for both Windows 7 RTM and Vista SP2 are considerably lower than their predecessors, with the 64-bit (x64) flavors of the two platforms superior to the 32-bit (x86) versions. The statistics offered in SIRv8 reflect data collected from over half a billion Windows computers worldwide in the second half of 2009. Since Windows 7 was released on October 22nd, 2009, SIRv8 also includes information on Vista’s successor.
“Windows 7, which was released in 2H09, and Windows Vista with Service Pack 2 have the lowest infection rate of any platform on the chart. The 64-bit versions of Windows 7 and Windows Vista SP2 had lower infection rates (1.4 for both) than any other operating system configuration in 2H09, and the 32-bit versions both had infection rates that were less than half of Windows XP with its most up-to-date service pack, SP3,” Microsoft reveals in the report. More »
Internet Explorer 8 includes a security feature that shuts down misbehaving applications before they can harm your system.
This capability, known as Data Execution Prevention (DEP), runs by default when IE 8 is installed on XP SP3 and Vista SP1 or later, but it may not always be clear to you why DEP has put the brakes on one of your PC’s applications.
DEP is the best reason I know for updating to Internet Explorer 8 and Vista SP1. For many years, Microsoft has included DEP which is also called No-Execute (NX) only in parts of Windows. For example, DEP is available in IE 7 but is off by default to avoid conflicts with old, incompatible programs.
DEP is now a key part of Vista and Internet Explorer 8. When I try to install older software on newer machines, I must configure Data Execution Prevention to allow the software installer to run with DEP disabled.
To open the Data Execution Prevention dialog in XP, open Control Panel, choose System, and then select the Advanced tab. Click the Settings button in the Performance section and select the Data Execution Prevention tab. In Vista, choose Performance Information and Tools, click Advanced Tools in the left pane, select Adjust the appearance and performance of Windows, and click the Data Execution Prevention tab. More »
This tips helps you enable or disable Data Execution Prevention (DEP) for Office applications.
To enable or disable DEP automatically, click the Fix it button or link. Click Run in the File Download dialog box, and then follow the steps in the Fix it wizard.
Note this wizard may be in English only; however, the automatic fix also works for other language versions of Windows.
Note if you are not on the computer that has the problem, save the Fix it solution to a flash drive or a CD and then run it on the computer that has the problem.
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base: More »