New code makes Windows 7 vulnerable to hackers


Windows 7 will open up more opportunities for malware authors as they target flaws from the new nature of the operating system.

This was one of the predictions of security company Websense, which expected criminals to target new code in Windows 7 that was not present in Vista or XP.

In fact, Microsoft released patches for Windows 7 before it was even released.

In an interview with IT PRO, Carl Leonard of Websense said that any new software brought opportunities to malware authors, who would target version specific vulnerabilities in the code.

"There might be features in version 7 that don't exist on Vista or XP," he said. "There could be new user interface traits that malware authors may like to take a look at."

"We're expecting exploit code to target some of the code in Windows 7. Whenever you introduce new code there's always the likelihood of malware authors capitalising on it as much as they can."

Microsoft also adjusted the way that User Access Control worked, avoiding the way Vista allowed pop-ups every time a change was made to the system, which users found frustrating.

There are now four levels of User Access Control, and users who did not understand the reasons for deploying them could find themselves vulnerable if these were disabled.

Of course, Windows 7 could also be vulnerable to browser and plugin attacks, which no security control in Windows 7 could do anything about.

Leonard said: "As new versions of very popular software are made available, malware authors focus their attentions on those in order to push out code that are essentially zero-day attacks."