With the appearance of Windows 7's Release to Manufacturing (RTM) build, Microsoft may be hoping that it can finally dismiss Windows Vista as an unsuccessful experiment that paved the way for something better.
The company is obviously hoping that Windows 7's new and enhanced features will be enough to entice users back into the Microsoft fold and finally put Windows XP to rest. But the real question is: Will Windows 7 come across to prospective users as a new product or just a rehash of Windows Vista?
The only way to answer that question is to take an in-depth look at what is new and different about the new OS. I've noted which features are new, which are improved (in other words, have the same functions but perform them better), and which are enhanced (which have had new functions added).
Note: Most of these changes were discovered during my hands-on examination of Windows RC1 (which was reviewed for Computerworld by Preston Gralla.) I've been informed by a Microsoft representative that the only significant differences between this version and the RTM is that Windows Starter Edition is no longer limited to only three active applications at the same time (a change which was announced back in May), and that the desktop has a new default background.
One of the biggest complaints about Windows Vista was security. The reality is that Vista did offer several security enhancements over Windows XP, but the way Microsoft went about those enhancements was problematic, to say the least. Users were hassled by frequent pop-ups, with cryptic messages that only seemed to complicate matters.
Microsoft's underlying security improvements were actually introduced with Windows XP SP2 and enhanced with Windows Vista, leaving most of the security fixes under Windows 7 to be relatively minor changes. Yet those changes will make a big difference in the user experience.
User Account Control (UAC) (enhanced)
UAC has undergone several changes and enhancements to make it more user friendly, but without sacrificing essential security. First, users can reduce the frequency that UAC asks for permission to install or change a program. Users also have the option to turn off permission requests and set UAC to notify only.
AppLocker is a new feature that allows users to restrict program execution based upon firewall profiles. That could prove to be a handy feature for portable systems that are used both in a business environment and a home environment. Applications that are deemed less secure can be disabled when a user is connected to a corporate network and re-enabled when on a home or public network.
AppLocker also features in-depth application controls, which can be used to define polices to allow or prevent an application from launching.
First introduced in Windows Vista, the BitLocker disk encryption feature has gone through some evolutionary changes which make it easier to use. BitLocker now supports single key instances, allowing data to be recovered using a common encryption key assigned by the network administrator.
BitLocker Mobile is a new addition -- it's an encryption scheme that can be applied to removable devices, such as USB drives, to keep information secure while in transit. Network policies can be defined to require all users to encrypt data on removable devices, perhaps preventing data leakage problems.
System Application Permissions(improved)Microsoft has reduced the number of applications that require administrator-level permissions to execute. With Windows 7, users will be prompted less frequently for permission to run system applications, which were once thought of as an administrator-level event.
Action Center (new)
Action Center is a new security management feature that rolls all alerts and warnings into a single console, available from the Windows taskbar. Action Center informs the user of several events, including security problems, diagnostics and solutions. Having a single console is a much more efficient way to deal with the numerous events, warnings and messages that Windows tends to broadcast -- unlike Windows Vista, where warnings and messages would pop up at different times and were stored in different logs, making it hard to consolidate critical information for troubleshooting problems.
Windows Defender (improved)
Windows Defender, Microsoft's anti-spyware product, sports a new interface that is much easier to understand than previously. What's more, Windows Defender now integrates with the new Action Center, which helps to keep users better informed. Under the hood, Windows Defender has been improved to provide more reliable continuous monitoring.
Windows Firewall (enhanced)
Windows Firewall offers better integration with third-party security applications, which can now add extended features or provide customized firewall policies. Windows Firewall now supports multiple profiles, which can be active concurrently or separately based upon a user's connection status or other defined policies.
Other security enhancements and improvements include support for newer security devices, such as biometric access devices, as a means of logging into Windows 7. That feature will prove handy for the scores of notebook computers that sport fingerprint readers. Windows 7 also has plug-and-play support for smart cards based on elliptic curve cryptography (ECC), a highly secure method of storing data.
Another change: The autorun feature is now disabled by default for all media except for read-only CDs and DVDs. This should prevent drive-by virus attacks from USB key drives or other forms of rewritable media.
Although Windows 7's new and improved security features are welcome, they will not eliminate the need for third-party anti-virus and anti-malware products.