Windows 7 Security issues

Microsoft already has a very large user base, so what is the most important security challenge when Microsoft is developing Windows 7 o'clock?

Good technical protection requires the user to make informed decisions to protect themselves from malicious attackers and malware. UAC has been improved in Windows 7 to reduce the number of pop-up prompts, while helping to move ecosystems to an environment where everyone can run as the default standard user. Other enhancements include new SmartScreen filters and clickjacking defense technologies, which are mainly deployed in IE8.

When developing a new version of Windows, are malicious attackers and various attacks a major problem for the new operating system?

Clearly, the motives and complexities of malicious attackers have changed dramatically over the past few years, and our security researchers and others continue to work to understand the current and future threats that can help us better build protection mechanisms into new systems, Allows the user to not get and run malicious code in unknown circumstances. In addition, we have been working to make Windows internal protection mechanisms protected from tampering and avoidance threats.

How has the security community reflected the WINDOWS7 operating system since it was released? Are you satisfied with the feedback? What did you learn from it?

So far, the response of the security community to Windows 7 is good, although there are some problems with UAC and some of the changes we make, but it also shows that we can listen carefully and eventually produce the products that we are satisfied with.

What is the fundamental difference between Windows 7 and Vista in terms of security?

In fact, the Windows 7 operating system is built on the basis of Windows Vista and is well developed, and Windows 7 also covers the security Development lifecycle (Secure development lifecycle). This is the core security technology of Vista. In addition, other important security features from Vista, including user Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address space layout randomization (ASLR), and Data Execution Prevention (DEP), are also retained in Windows 7. In addition, we have added new security features, such as AppLocker to help control applications running in your own environment, and we have also enhanced the capabilities of the core BitLocker driveencryption, making it easier for IT organizations to deploy and manage this technology in their own environments. It can be said that the combination of IE8 Windows 7 provides flexible security to prevent malware and attacks.

How does a usability problem affect Microsoft's decision in this respect?

Our goal for Windows7 is to make it the safest operating system ever, and we've been developing the system thinking about how to combine advanced security with ease of use.

DirectAccess and BranchCache are the functions that help remote employees work, so how are these two functions working? How do you protect the data?

DirectAccess is a breakthrough technology that allows employees to connect seamlessly and securely to their corporate networks via the Internet. DirectAccess enables functionality by automating a two-way secure connection between client computers and the corporate network, based on reliable standards-based technology such as Internet Protocol Security (IPSEC), a protocol that helps protect IP traffic through authentication and encryption, As well as Internet Protocol version 6th (IPV6), IPSec is used to authenticate computers and users, allowing IT personnel to manage computers before they log on, and it can require users to authenticate using a smart card. DirectAccess also uses IPSec to AES encrypt communications on the Internet.

When making remote access to the corporate network, BranchCache can help enhance the responsiveness of the network to central applications and make users feel like they are on their own LAN office. BranchCache can also help reduce the use of wide area networks, when BranchCache is enabled, a copy of the data accessed from the internal network and file server is cached in the local office, and the client is able to download it locally when another client on the same network requests that the file be used. Without the need to download the same content over the WAN. And this is done without reducing data security, and access-controlled cache files are executed in the same way as the original file.