First look at Windows 8 security features
Windows 8 launched this week. It brings a new interface, but under the hood, it introduces a number of new security features.
The most significant change in terms of security is the use of the Unified Extensible Firmware Interface (UEFI) replacing the old BIOS. With UEFI, a computer will only run operating system kernels that have been digitally signed by an approved software vendor. Thus, the user is guaranteed that the operating system has not been tampered with by attackers.
Windows Defender, Microsoft’s Anti-Malware solution is now more comprehensive and is included by default in Windows 8, which is particularly attractive for consumers who will receive Anti-Malware protection out of the box.
Organizations, which typically require management capabilities, such as reports on machine update status and alerts of neutralized malware, will still need to look for an enterprise malware solution.
Memory Management in Windows 8 has been rearchitected to provide additional safeguards, such as comprehensive randomization and guard pages. Most of the memory exploit tactics that attackers use to gain control of a Windows 7 machine will now fail under Windows 8, which benefits all applications running on Windows 8.
Lastly, the Windows Store will have significant impact on security. As users begin to favor the Windows Store as their main source for applications, overall security will be enhanced because it will be near impossible for an attacker to place a Trojan horse in the store. In addition, the Windows Store will take care of keeping applications updated with the latest security patches.
Personally, I am in line for upgrading my home Windows machine to Windows 8.
Author: Wolfgang Kandek, CTO, Qualys.