Windows 7 Security and webpage Trojans

In the past few years, domestic webpage Trojans have become increasingly serious. No matter whether it's a white or black road, or attack or defense, it's all about this issue. We can see that there is a 0-day exploit for IE security vulnerabilities, such as last year's XML. Or the 0day of the ActiveX control, such as the owc security vulnerability for a while ago. In this process, security vendors either launch their own IE Plug-in monitoring, URL blocking, or anti-virus articles.

 

I have always been reserved for the effects of response-type software such as anti-virus. If you are interested, can you refer to the latest computer viruses? Article. In the real sense, the security improvement still depends on the improvement at the operating system level.

 

For example, the virus that used to guide the sector in the DOS era has been very popular, but with the improvement of the operating system, the virus has vanished on Windows, this is because the attack method has been blocked at the operating system level. To this extent, security improvement cannot be achieved by anti-virus software.

 

Vista is not widely used in China for various reasons, such as performance. It is still dominated by XP. Let's take a look at the current method of attaching a Trojan to IE/xp. The vast majority of cases are 0-day or security vulnerabilities that have been patched (users may not be updated in time), coupled with heap pollution, then the user's machine is infected. The effect is that the user accesses a malicious web page and finds the target.

 

Let's see what it looks like on win7. On win7, IE8 + Dep + alsr + sehop + low right. Currently, all the trojan mounting methods cannot be successful. In other words, even if IE8 has a zero-day security vulnerability, you will not be infected if you attempt to access a malicious webpage that has been infected with trojans on win7. No help from other anti-virus software is required. Of course, if you need to download an EXE file and run it again, there is no way.

 

The performance and Utility Models of win7 are much better than those of Vista. According to current feedback, the popularity of win7 will be very fast. With the replacement of XP, the phenomenon of webpage Trojans that have plagued everyone for so long will be greatly improved. Of course, attackers will always find new attack methods, but it is estimated that such an easy attack method as in XP will not exist. I also mentioned to my friends who work in the security field that I should evaluate the impact of win7 on their products. A new round of shuffling will take a year or two.