Thus far, is Windows 10 more or less secure than Windows 7 64-bit?

[VirtualLarry]

Just curious if anyone had any opinions on this subject, or better yet, any hard data.

I'm mostly talking about drive-by downloads / scamware / etc., that you would be exposed to during daily web browsing, and how well the OS (and browser!) mitigates or prevents the risk.

(Yes, I know that Firefox and friends aren't sandboxed, or run in a lower-privilege state, which makes them more vulnerable than IE or Chrome. But my anecdotal experiences are that as long as you keep them updatated, they're fairly safe to use day-to-day. If it really matters, use Linux.)

 

[Puffnstuff]

Since 8 windows has loaded the security kernels first in protected mode including 3rd party aps like Malwarebytes. This arrangement is the best you can have at the moment and has worked well for me against the scripts buried in ads that try to hijack the browser. Really its up to you but I wouldn't want 7 on my pc again and once hard core 7 users understand the benefits of having your security in protected mode they don't want it either.

 

[Ketchup]

I haven't run into anything yet. And I have a few contacts/relatives that have been on 10 for close to a year and also haven't run into anything. All but one are running MSE as the only real-time protection. Most of them aren't what I would call "virus targets" but nobody seems to be doing any worse for the upgrade.

 

[JackMDS]

There are few aspects to what it called secure.

One of the main discriminator is being Target just by the fact that it exist, like Banks, Big corporation, Gov. etc.

Versus end users (like most of the people here) that their security issue are depending on where they go on the Internet, where and what they Download, and what they install and Run.

Talking about End-User their security improved. If some one belongs to the inappropriate Internet behavior group, the probability that some Junk would be used unknown to the user is smaller and there more frequent warning about it from Defender and other enhancements.

That said, most of End-Users do not understand the issue, and do not know what to do about it. So they get a warning and do not know how to pursue dealing with it.

 

[TheRyuu]

Yes Windows 10 is clearly a more secure operating system. It's important that we separate the concepts of security and privacy. There are good arguments that Windows 10 is not as privacy friendly but is certainly a more secure operating system against malicious threats.

You can see the number of new mitigation technologies that are available on Windows 8 and Windows 10 from this chromium sandbox design document[1]. Force relocate is available on Windows 7 but that's one of the few (along with DEP and SEHOP) that are. Many of these are Opt-In but most Microsoft software and software shipped with Windows by default makes use of many of these. I would not be surprised if Windows Defender has also been improved over the years.

There's also been continuous improvements in hardening the kernel. There are many under the hood changes where are not otherwise visible to the user. Some of it is documented on this blog[2]. One example of a somewhat visible change is the introduction of CFG in Windows 8.1 Update 3[3].

These are just a few examples but they do take security pretty seriously and it's visible at the continued improvements over the various Windows versions since Windows 7.

[1] https://www.chromium.org/developers/design-documents/sandbox#TOC-Process-mitigation-policies
[2] http://www.alex-ionescu.com/
[3] http://www.alex-ionescu.com/?p=246

 

[mikeymikec]

Re: Hard data - if I were inclined to pursue this point, I would count known vulnerabilities by Windows version. When I've checked in the past (I think the last time was when when people were claiming that Win8x was so much more secure than 7), most vulnerabilities affected recent-ish versions of Windows NT x equally. Where there were differences, it was usually the newer version of Windows (specifically targeting newer features/components) that had more vulnerabilities. It's one thing to say "but version X has these new features that should help curb exploitation", but in reality it's simply the next hurdle to overcome, business as usual for people writing exploits and/or researching vulnerabilities.

If Win10 is the last version of Windows, it would be interesting to compare vulnerability counts shortly before Win7 reaches its EOL, by which time Win10 can be considered pretty mature (hopefully). A fact of the matter is that modern versions of Windows share a lot of common code, and most exploit writers will always be interested in targeting as many people as possible.