Linked by Thom Holwerda on Tue 10th Nov 2009 09:31 UTC
Windows Last week, security vendor Sophos published a blog post in which it said that Windows 7 was vulnerable to 8 our of 10 of the most common viruses. Microsoft has responded to these test results, which are a classic case of "scare 'm and they'll fall in line".
Thread beginning with comment 393911
To read all comments associated with this story, please click here.
Comment by simon17
by simon17 on Tue 10th Nov 2009 21:39 UTC
simon17
Member since:
2009-08-21

So Windows 7 is immune to 2/10 popular viruses even when the user double-clicks the executable and then hits allow?

I think that's pretty good!

Reply Score: 2

RE: Comment by simon17
by linumax on Wed 11th Nov 2009 00:05 in reply to "Comment by simon17"
linumax Member since:
2007-02-07

That's the whole point. Unfortunately so far in the comments, like usual, the discussion has gone into OS politics.

These guys intentionally executed viruses that 8/10 didn't need permission elevation (functioned at local users level) and Windows rightfully allowed them to execute. I mean we're techies here, we understand there's no magic involved in preventing something like this. However, Sophos can (ab)use it as a marketing tool when selling AV to normal users.

Reply Parent Score: 2

RE: Comment by simon17
by lemur2 on Wed 11th Nov 2009 00:29 in reply to "Comment by simon17"
lemur2 Member since:
2007-02-17

So Windows 7 is immune to 2/10 popular viruses even when the user double-clicks the executable and then hits allow? I think that's pretty good!


Just curious here ... how do you imagine that Windows verifies that it was a valid user who caused the executable to be run and then caused a "click" to be registered on the allow button?

It seems to me that Windows doesn't verify that at all. No entry of a valid password is required.

In addition, apparently Windows 7 automatically elevates the permission level of several Windows utilities without even a UAC prompt.

Edited 2009-11-11 00:30 UTC

Reply Parent Score: 2

RE[2]: Comment by simon17
by PlatformAgnostic on Wed 11th Nov 2009 21:33 in reply to "RE: Comment by simon17"
PlatformAgnostic Member since:
2006-01-02

If he doesn't have malicious software running to begin with, who else but the user could possibly issue the 'click' that starts up a trojan?

Reply Parent Score: 2