Windows 8 Gets Security Overhaul - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Enterprise Architecture

Windows 8 Gets Security Overhaul

Microsoft will include a beefed up version of Windows Defender in its next OS. That could be bad news for Symantec and McAfee.

Windows 8 Visual Tour: Microsoft's New Desktop
Windows 8 Visual Tour: Microsoft's New Desktop
(click image for larger view and for slideshow)
Microsoft is giving its Windows franchise a security upgrade with the forthcoming Windows 8, a move that could edge out third-party antivirus and malware protection providers and allow Redmond to keep a bigger chunk of the $16.5 billion security software industry to itself.

"Criminal attacks continue to evolve and malware has become their standard weapon against anyone who uses the Internet--on traditional form-factor devices, as well as on mobile devices like tablets and phones," said Jason Garms, a security manager in Microsoft's Windows group. "Malware targets all operating systems and browsers, and in recent years, criminal attacks against applications have increased substantially."

To keep up with the threat, Microsoft is boosting OS-level security as well as the capabilities of Windows Defender, an add-on that's designed to protect host PCs from spyware and malware. Windows 8, which features a fully revamped user interface, will include an enhanced set of what Microsoft calls "mitigations"--a set of features built to disrupt or disable malicious code.

[Is Windows 8 Microsoft's last chance? See Windows 8 Could Make Or Break Microsoft].

One such mitigation, Address Space Layout Randomization (ASLR), shuffles the location of code and data on the user's hard drive in order to frustrate hackers' assumptions about where the information is located. In Windows 8, ASLR has been improved with increased randomization "that will break many known techniques for circumventing ASLR," said Garms, in a blog post.

Similarly, the Windows 8 heap (continuous bits of memory) has also been randomized to defend against attacks that target the heap, and guard pages have been added to counter hacks that attempt to exploit heap overflows.

Also, the Windows kernel itself will also be protected with a number of mitigations. For instance, user-mode processes have been tweaked so that the low 64K of process memory cannot be allocated, which helps protect against a number of kernel-mode vulnerabilities.

Microsoft has also beefed up security in Internet Explorer. Explorer 10, which is designed to work with Windows 8, will feature a number of new built-in countermeasures. Guards have been implemented to defend against "use after free" memory vulnerabilities which, according to Microsoft, accounted for 75% of all Explorer vulnerabilities reported in the past two years.

Windows Defender, meanwhile, is getting an overhaul that's intended to make it an effective tool against a full range of threats, including viruses, worms, bots, and rootkits. To accomplish this, Microsoft is revamping Defender so it can use the full set of malware signatures from the Microsoft Malware Protection Center. Previous versions only included the signatures for spyware and adware. "If you don't have another solution installed, Windows 8 will provide you protection with a significantly improved version of Windows Defender," said Garms.

While that may be good news for PC users, it could make life more difficult for third-party antivirus software makers such as Symantec and McAfee. Both vendors have profited from the fact that Windows' built-in security features, at least in the past, have been somewhat lacking. Garms, however, said Microsoft has no plans to shut out third-party security software. "We're continuing to work with antimalware partners during the Windows 8 development process," he said.

In the new, all-digital issue of Network Computing: Microsoft and Citrix are closing the gap with VMware. Before you roll out the latest edition of vSphere, reconsider your virtualization platform. Download the issue now. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
IT Careers: Top 10 US Cities for Tech Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/14/2020
Commentary
Predictions for Cloud Computing in 2020
James Kobielus, Research Director, Futurum,  1/9/2020
News
What's Next: AI and Data Trends for 2020 and Beyond
Jessica Davis, Senior Editor, Enterprise Apps,  12/30/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll