Hundreds of gimmicks Further - Security improvements in Windows 7

When Microsoft began to aggressively launch the Windows 7 program, the outside world has long been arguing about this new operating system.

After all, Vista is coming out, and will the new operating system really bring a better experience to users? For users who have long been concerned about the Windows operating system, whether security can be improved is more worthy of attention. Although Apple released the words "Windows7 is just Vista plus a few patches", but everyone has reason to believe Microsoft, I believe that this new version of the change will not be so simple.

First, UAC improvements

In fact, when Vista has UAC function, the outside world is arguing, which improves the user experience while improving security. Thus in Windows 7, Microsoft began to let users choose the UAC notification level, and also improved the user interface to enhance the experience. The biggest improvement in UAC in Windows 7 is that it provides more control options in the control panel, and users can choose the appropriate UAC level according to their needs.

Enter "Secpol.msc" in the start menu search box and press Enter. Open the local security policy editor, select "Local Policies" → "Security Options", then find the "User Account" in the list on the right. Control: Administrator's promotion prompt behavior attribute in the administrator approval mode, the user can see that there are six choices in the drop-down list in the "Local Security Settings": no prompt, direct promotion; prompt credentials on the secure desktop Agree to prompt on the secure desktop; prompt credentials; consent prompt; consent prompt for non-Windows binaries. It is necessary to mention "non-Windows binary consent prompt", this option can be a good way to filter Windows system files and directly use UAC function for the application, which is the highlight of Windows7.

Another intuitive modification method is to enter the control panel user account change interface, click "Change User Account Control Settings", UAC settings under Windows 7 provides a slider to allow users to set the level of notifications. There are 4 ways to choose, but obviously the above method is not flexible.

Second, Behavior Center

Windows7 removed the SecurityCenter (SecurityCenter) that was originally introduced with Windows XP SP2 and switched to Action Center. This includes security centers; issues, reports, and resolvers; Windows Defender; Windows Update; Diagnostics; Network Access Protection; Backup and Restore; Recovery; and UAC mentioned above.

After entering the behavior center, Windows7 supports WindowsDefender to quickly scan local computers. We scanned the system disk in the Lenovo T61 notebook, which took only 33 seconds and scanned 34,931 resources. Although it is not good to define how high the security of the system itself is, WindowsDefender is a software with high system compatibility. Said that this scanning speed is already very good.

In fact, WindowsDefender's features in the settings center can also make it perform better. Real-time protection allows you to scan downloaded and running programs. It can also be filtered for specific file types and paths, and supports scanning of mail and mobile storage, and so on.

In the security settings, the user can clearly see the activation status of the current system services, and the maintenance area can also display information such as detection problem reports or backups.

Three, new firewall function

The biggest feature of the firewall under Windows 7 is internal and external defense, through the Homeorworknetworks and Publicnetworks to protect the internal and external networks.

The advanced setting project is also more comprehensive. Through the inbound and outbound rules, the current network circulation can be clearly outlined, and the operation of the configuration file and the introduction of the strategy are greatly improved. I believe that in the future update and upgrade, Windows7 firewall will have more use.

Fourth, security deployment details & Summary

Like XP, Vista, Windows7 security deployment also needs to learn from the Windows series of security processes. This near-universal approach provides a better guarantee for Windows 7 security.

1. Account Issues

The vast majority of hackers, after gaining root privileges, will be in a situation of no one. The security of the account has become a top priority. As you all know, the Administrator level account can have enough high authority to control Windows. So it's necessary to give the Administrator an unnoticed name, but don't use a name like Admin, because in many hacker tools, the authentication of Admin is no less frequent than the Administrator.

In addition, the Guest account is stopped in the user management, and it is not allowed to log in to the system at any time. Of course, this method is more suitable for personal PCs. If you often encounter multi-user login or restricted login, it is best to set a common password for the account to shield the invasion of the external network.

2. Sharing problems

Enter "netshare" under CMD to view shared resources. There are IPC channels, documents and printers shared, of course, the default system may also include the sharing of hard drives. The prohibition method is as follows:

netsharec$/delete (delete C drive sharing, other drive letters are similar)

netshareipc$/delete (delete IPC share)

Of course, this also It can be easily implemented by the WIndows 7 optimization master.

3. Port problems

There are some ports in the system that are very dangerous. Hackers can control our computers through these ports, such as port 3389. Before you shut down, you need to know about the computer. Port, enter "netstat-an" under CMD, see open ports 135, 139, etc., you need to disable it. This method is best monitored or closed directly through a dedicated firewall, which is more convenient and faster than the system filtering method.

It’s obvious that “Windows 7 is just Vista plus a few patches” is slightly biased, but Windows is by no means invulnerable. We can understand some of the complaints and doubts from the outside world and competitors about Microsoft, but there is no doubt that Windows 7 does have a better performance in terms of security. The UAC vulnerability is just an event that has been magnified by public opinion.

In the face of such a huge code camp, Windows 7 built by many computer experts is bound to exist, just like Windows2000 faces Windows98, WindowsXP faces Windows2000, WindowsVista faces WindowsXP, even if it is still flawed Windows 7 is also destined to be a driving force in the history of operating systems.