Windows 7 has many security shortcomings compared to Windows 8, including its use of complex text-only passwords that are easy to forget, improper virtualization that does not provide Windows 7 security controls to the XP virtual machine, limited firewall functionality, hiding of file extensions that makes it easier for malware to disguise itself, and other issues like the UAC being able to be disabled without notification. While Windows 7 is currently more popular than Windows 8, its security shortcomings will likely drive more users to upgrade to Windows 8 which addresses many of these issues and provides stronger overall security.

1. Review on the Shortages in Windows 7 Security Performance
With the release of Windows 8, it is common to see that Windows 7 users are
hesitating whether they should change their operation system into Windows 8.
Recently, a piece of news, which can be seen all over the websites, says that Windows
7 has outnumbered Windows XP, becoming the best-seller among all the Windows
operation systems in the history of Microsoft, even though the sales of Windows 8 are
in full swing. However, many insiders say that the success of Windows 7 now won’t
last long. On one hand, the new strong security performance in Windows 8 is
remarkable. In their opinions, the peer performance of the sales of Windows 8 for the
time being may be because of the shortage of Windows 8 programs. For instance,
users can choose a Windows 7 password recovery tool among many tools. However,
if it is a Windows 8 Picture Password, they may find it’s hard to buy a
widely-recognized tool, for the password itself is new. On the other hand, they insist
that the most important point is that there exist many shortages in Windows 7 security
performance, which will drive Windows 7 a defeated opponent of Windows 8 in the
near future.
psy2k-Windows 7
Tedious Password in Windows 7
As we all know, in Windows 8, users are offered three forms of passwords: text
password, Picture Password and PIN code. They can feel free to choose one of them
to set a password or they can also combine the above three password forms. As for
the Picture Password, users can design three gestures to be a part of the Picture
Password and they need to draw the gestures on the screen to log in the system. In
this case, the password can be easy to remember and safe enough. However, users
can only take use of traditional text password in Windows 7, an outdated password

2. form, which is widely used since the release of Windows Server 2003 and cannot be
too familiar for password hackers. Meanwhile, the text password should meet
complexity requirements by default. The password should be at least six characters
long and contains English uppercase/lowercase characters, digits as well as
non-alphabetic. As a matter of fact, text password has long been regarded as a kind
of complex password, and no one can deny that it is pretty easy to be forgotten. As a
result, users in Windows 7 may often face the dangers to lose their data once their
passwords are forgotten. Actually, it’s a common problem for all the operation
systems before Windows 8.
Improper Virtualization in Windows 7
In Windows 7, Microsoft continues the Windows XP Mode virtualization, which
can be useful when there are software applications or legacy hardware devices that
won't work under Windows 7. However, the problem lies in that it is completely in
Windows XP environment that is not protected in any way by the Windows 7 security
controls. Besides, by default, Windows auto-maps drive from the XP virtual machine
to Windows 7 machine. In fact, if this mode of virtualization is not properly protected,
it could be a major malware vector, because you need to run and manage
appropriately a full security suite within a virtual machine. Now, we can see in
Windows 8 Pro that a native hypervisor is now included and Storage Spaces succeeds
Logical Disk Manager and allows the organization of physical disks into logical
volumes in a high abstraction level.

3. Windows Firewall in Windows 7
Windows Firewall is a software component in Microsoft Windows which can
provide firewalling and packet filtering functions. Its original attempt is for
incorporating personal firewall protection. Some complaints about the Windows
Firewall in Windows 7 is that it only restricts inbound traffic but won’t provide any
mechanism for filtering or blocking traffic outbound from the Windows PC, though
there are some improvements, such as multiple active profiles. As a result, many
Windows 7 users may tend to make use of third-party software, which is
resource-intensive to eat up too many resources.

4. Hidden File Extensions in Windows 7
In order to make the files in Windows 7 simple and user- friendly, all the known
file extensions are hidden by default. In other words, rather than displaying a full file
name like “passwordreset.docx”, Windows 7 will only display “passwordreset”.
However, as said by Chet Wisniewski, senior security advisor at Sophos, hiding file
extensions will make it much easier for email Trojans to use double extensions to
trick users into launching their payload. Files named FinancialStatement.doc.exe will
appear to the user as FinancialStatement.doc with an EXE icon. Actually, in Windows
8 Pro, the shortage hasn’t been improved yet, but it has attracted extensive attention
and we can look forward the enhancement in the following Windows 8 versions.
Other Security Shortages in Windows 7
In fact, there still are other shortages in Windows 7 should be improved
concerning system security. The UAC (User Account Control) in Windows 7 can help
users to decrease interruptions. But it do exist a danger: when this function is closed,
users won’t be informed. That’s to say, it is absolutely possible for malware to close it
in secret while the users think it is still on. Still, in Windows 7, the Local Security
Authority Subsystem Service can cause a denial of service attacks if hackers send
packets containing malicious files during NTLM authentication that are connected to
the network. And we can say there will definitely be more and more security
vulnerabilities to be found in Windows 7 in the future.
As is acknowledged to all, Windows Vista, released in 2006, is somewhat a failure
in the history of Microsoft, the empire in operation systems. As a result, once
Windows 7, the successor of Windows Vista, was released, most of Windows Vista
gave way to Windows 7 instantly. We even can saw that some Vista programs cut
down sales largely at that time, such as Windows Vista password reset software.

5. Now, we cannot ensure that Windows 8 will outnumber Windows 7 in a short time,
but we have reason to believe that many Windows 7 users will see the strong
security performance in Windows 8, at least when they encounter with the
above-mentioned shortages in Windows 7.