Windows 8: 4 Smart Security Improvements

  /     /     /  
Publicated : 22/11/2024   Category : security


Windows 8: 4 Smart Security Improvements


Will Windows 8 be the most secure Microsoft operating system to date? One security expert sees promising signs.



8 Key Differences Between Windows 8 And Windows RT (click image for larger view and for slideshow)
Will Windows 8 be more secure and harder to exploit than previous Microsoft operating systems?
Microsoft is now making several
last-minute touch ups
to the operating system, which is set to launch Oct. 26, and which has been previewed as the most substantial overhaul of Windows since the debut of Windows 95.
But does the Windows overhaul extend to the operating systems
information security performance
, and will Windows 8 be harder for
attackers to exploit
?
[ Get expert guidance on Microsoft Windows 8. InformationWeeks
Windows 8 Super Guide
rounds up the key news, analysis, and reviews that you need. ]
According to Aryeh Goretsky, a researcher at security firm ESET, after reviewing the layers of technologies used by Microsoft to protect Windows 8, it is our opinion that it is the most secure version of Microsoft Windows to date. That analysis comes by way of a new
Windows 8 security
white paper from ESET, authored by Goretsky. While his analysis doesnt review every new Windows 8 security feature--such as
AppContainer
, for application sandboxing--it highlights what he sees as the operating systems four biggest security improvements:
1. Antivirus Now Active by Default
In clean installs of Windows 8, the free Microsoft antivirus and anti-malware product
Windows Defender
will be active by default. The clean installs caveat, however, refers to PC manufacturers and distributors being allowed to instead install trial versions of their own antivirus and anti-malware software.
Windows Defender provides a good level of protection, but is mainly targeted at those who are unwilling--or unable--to purchase a commercial anti-malware solution, said Goretsky. While he categorized the software as being effective (though a minimum bar for levels of protection) he also lauded it for not being nagware. That means it does not attempt to upsell the user to a paid-for product and toolbars or banner advertisements, nor does it modify existing search settings. That makes it less likely that users might seek to disable the software.
2. Windows Rewrites Target Bootkit Malware
Windows 8 will include new tools for blocking not only rootkits, but also
bootkits
, which are able to replace boot loaders, thus making the malware active almost once a PC starts up, and very difficult to detect or eradicate.
But Goretsky warned that some legacy Microsoft code wont enjoy the better rootkit protection. Some of these changes made to operating systems to combat rootkits ... are only available in the 64-bit editions of Microsoft Windows due to support issues: there remains a large base of 32-bit programs which rely, for compatibility reasons, on some insecure functions inherited from earlier Windows versions, he said.
3. BIOS Firmware Gets UEFI Replacement
The BIOS firmware code that becomes active as soon as a PC powers on has also been replaced in Windows 8 by the
Unified Extensible Firmware Interface
(UEFI). The move has drawn fire from Linux advocates, who fear that Windows 8-compatible machines might be blocked from starting up to Linux, since one feature of UEFI is Secure Boot, which requires that an operating system be digitally signed before the PC will allow it to load.
What Microsoft has done is place a requirement in the Windows 8 logo tests that computers shipping with a 64-bit version of Windows 8 (which will be most desktop and notebook computers) ship with Secure Boot enabled in their UEFI firmware by the manufacturer, said Goretsky. However, he continued, The same requirements state that the user must be able to disable this feature. While that will add an extra step for anyone who wants to replace Windows 8, on Windows 8-certified hardware, with another operating system, it means that the Secure Boot will be active by default for everyone else.
As a result, the feature should greatly [reduce] the attack surface currently exploited by bootkit forms of rootkit malware on systems using BIOS-based firmware, said Goretsky, who also noted that after two decades, BIOS is overdue for a replacement.
4. Anti-Malware Launches Early
Another security improvement in Windows 8 is the Early Launch Anti Malware (ELAM) feature, which allows security software--not just from Microsoft--to be first in line once a PC starts up and begins loading applications. ELAM is important because, like UEFIs Secure Boot, it vastly improves the security of the computer at an early stage, said Goretsky. While the effectiveness of ELAM is as yet unproven, the concept behind it is fundamentally sound, and it should prove to be a major deterrence to boot-time malware.
But dont be surprised, he warned, if Microsoft tweaks ELAM--or any of the other new features--after Windows 8 debuts and developers see if the previewed security improvements actually perform as intended.
Upgrading isnt the easy decision that Win 7 was. We take a close look at Server 2012, changes to mobility and security, and more in the new
Here Comes Windows 8
issue of InformationWeek. Also in this issue: Why you should have the difficult conversations about the value of OS and PC upgrades before discussing Windows 8. (Free registration required.)

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Windows 8: 4 Smart Security Improvements