True, the goals for Windows 7 sound a little less pie-in-the-sky than Vista's concept of Three Magical Pillars of Trusted Computing, or whatever it was supposed to be. I scoped out security elements in both the beta and the Release Candidate. Now that I've had a chance to look at the final code, too, it's clear to me that Security in Windows 7 is better than in Vista—just not hugely so.
Not-Quite Automatic Updates
Installing the beta and RC editions went quickly because I performed a clean install on a test system. Upgrading my production system to the final version of Windows 7 took more elbow grease. I did run the Windows 7 Upgrade Advisor and followed all its advice, upgrading some programs, replacing Windows Mail with Windows Live Mail, and so on. The upgrade took well over three hours. On the plus side, I didn't have to sit around for all that time answering questions—that style went out with Windows XP.
Back in beta days, I observed that the installer gave me a Vista-style choice whether to enable Automatic Updates; that hasn't changed in the final edition. Microsoft publishes important security patches every month and then lets any superstitious user suppress these patches based on fear and rumors? Bad idea.
Yes, the installer "recommends" enabling automatic updates. I'd like to see Windows 7 configured for fully automatic updates on installation. Let the user figure out how to turn it off! Switching this update model from opt-in to opt-out would, in one simple step, rid the world of millions of unpatched machines that succumb to every Web-based exploit and drive-by download. Maybe in Windows 8...
Windows 7 didn't grumble about my Norton Internet Security 2010 installation, nor did Norton interfere with the upgrade. Without Norton in place, the new Action Center would have alerted me to the absence of antivirus protection. The old Vista Security Center just monitored firewall and anti-malware protection, plus automatic updates. The Action Center that replaces it also reports problems with spyware protection, Internet security, User Account Control, system maintenance, and more.
The Action Center's icon in the notification area replaces five separate icons found in Vista, and according to the Windows 7 developer blog, should only pop up a notification for matters that require an action from the user. You shouldn't see any more pop-ups that simply convey information; any pop-up will be important and actionable. I like that!
So, what's the first thing Action Center warned me about? "Windows will install updates as scheduled," that's what! It went on to say that installing updates might cause my computer to restart. That's a true statement, but is this any way to encourage users to keep their systems patched? Just warn me before any actual restarts, I say.
If you don't have antivirus or antispyware protection installed, the Action Center will nag and nag until you give in and install something it recognizes. Windows 7 recognizes just about every modern security product; if you manage to find one it doesn't know you can turn off that nagging message. When the beta test began, the link for security software information online went to an "under construction" page.
By the time Windows 7 RC rolled out, that page included links to seven major vendors with compatible beta products. At present the Windows 7 security software page lists over 20 vendors with compatible security products. The non-exhaustive list includes just about every major security vendor. For free protection try Microsoft Security Essentials 1.0, AVG Anti-Virus Free Edition 9.0, or avast! antivirus 4.8 Home Edition.
On my first day with the Windows 7 beta, I was barraged by User Account Control pop-ups because Microsoft was still working on taming the annoying UAC. The final Windows 7 is definitely an improvement as far as the number of pop-ups, and it also offers better choices for adjusting UAC.
If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog: