The headline sounds quite a bit more sensational than the content, but bear with me here folks. According to Raimund Genes, CTO of the security firm Trend Micro, the User Account Control changes in Windows 7 make it significantly less secure out of the box than Vista was. Genes claims Microsoft has made design choices that sacrifice security, primarily in the name of usability.
"I was disappointed when I first used a Windows 7 machine that there was no warning that I had no anti-virus, unlike Vista," Genes said. "There are no file extension hidden warnings either. Even when you do install anti-virus, warnings that it has not been updated are almost invisible." "Windows 7 may be an improvement in terms of usability but in terms of security it's a mistake, though one that isn't that surprising. When Microsoft's developers choose between usability and security, they will always choose usability," Genes argued.
This is an interesting theory, but is Windows 7’s really less secure? Some might argue that when dealing with the general public, security and usability is a delicate and important balance. If you nag and warn users too much about non-critical security issues, they tend to eventually tune out or pay less attention to them. For example, if UAC prompts are so frequent that they interfere with your work, you’re less likely to stop and examine each one to determine its validity.