Microsoft listening to all the hue and cry about the UAC elevation security vulnerability and fixing it, is a good sign for two reasons -

1. It shows that Microsoft is not only soliciting feedback, but also incorporating it into Windows 7.
2. It definitely shows that MS understands that certain segments of the press are just waiting for an opportunity to start hammering Windows 7.

Here are some of my thoughts -

1. At the Engineering 7 Blog, there is a very nice write-up of the UAC change and the reasoning behind it.
   1. With this feedback and a lot more we are going to deliver two changes to the Release Candidate that we’ll all see. First, the UAC control panel will run in a high integrity process, which requires elevation. That was already in the works before this discussion and doing this prevents all the mechanics around SendKeys and the like from working. Second, changing the level of the UAC will also prompt for confirmation.
2. It was amazing to see the huge reaction to a single bug – to the extent that people started writing complete ‘Windows 7 loses to Vista in security’ posts and attacking Windows 7 and Microsoft.
3. Interesting that initially Microsoft had a very ‘we don’t really care about it, it’s ‘by design’ ‘ attitude to the issue. And glad that they realized how much of an issue it was becoming.
4. The press, or to be more precise, certain sections of the press really are looking to find a weakness in Windows 7 and go after it. This is even more clear when you see the hue and cry about the 6 versions of Windows 7. It’s unfortunate – however, it’s nowhere near as big of an issue as people make it out to be.
5. It taught me a lesson in the amount of influence a solitary blogger can wield (the blogger at I Started Something). His bringing up the issue helped it spread so quickly. Got to love the internet.

Strategy for Windows 7 Going Forward

At this point Microsoft just should just take it for granted that they are going to be attacked often and for ridiculous reasons – basically some journalists are trying to find an angle that’ll hold with the public. once they find this angle, they’ll just hammer on it until they can create a perception that Windows 7 is a flawed OS. There are a few areas that seem risky at the moment -

1. Pricing of the various editions. This is a huge area of concern, with people already floating rumors that the Windows 7 Starter Edition will be priced at $200.
2. Lack of Multi Touch Applications and also lack of hardware that supports multi-touch properly. Microsoft has to do a great job of setting expectations. Not to mention meet expectations by releasing good multi-touch applications.
3. Security – security has been, for as long as I can remember, one of the big Windows concerns that Linux advocates bring up. MS has to tread warily and fix security issues as soon as they come up.

The response from Microsoft to the UAC elevation vulnerability, and in particular their post about it, has been excellent. It really alleviates people’s concerns and the comments clearly show this. Here’s to hoping Microsoft keeps up the good work.

Related posts

• No related posts.

Filed under: Microsoft