Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Windows 8 to get important security tweaks

'Secured boot' the biggest new protection

Article comments

Windows 8 will ship with a number of small but important security tweaks Microsoft hopes will make it a harder target for the viruses, worms and Trojans that were able to subvert older versions of the operating system.

Most of the security features mentioned by Windows president Steven Sinofsky at this week’s Build conference extend design features that appeared in Vista and Windows 7 and have gradually been added through updates.

These include Address Space Layout Randomization (ASLR), which will be used more extensively in Windows 8, as will a new feature that protects the core of the OS from what is called a ‘kernel-mode NULL dereference vulnerability’, basically a way for an attacker to elevate privileges once on the system.

Windows 8 will also make extensive use of memory heap randomisaiton, another technique tried on Windows 7, which makes it difficult for malware programmers to ‘overrun’ the space given to an application for malicious purposes.

Probably the biggest security addition is Windows 8’s support for UEFI 2.3.1 secured boot technology (which requires BIOS support), which stops early-booting malware from interfering with antivirus products before they load into memory.

None of these changes are particularly radical but they continue the design policy of restricting as far as possible what applications can do on the platform without upsetting the OS. Of course, in the Web 2.0 world, what an application can do is increasingly governed by software interfaces other than those looked after the OS.

Sinofsky did however remind developers of the importance of the company’s Security Development Lifecycle (SDL), the coding, testing and design system it came up with to avoid the security oversight that causes so many problems for Windows XP a decade ago.

“Some malware is as complex as commercial applications,” said Sinofsky notes in a blog on the environment in which Windows 8 will be operating.

Microsoft has also spotted an interesting clue as to why a sizable minority of PCs seem to lack adequate antivirus protection – people use free antivirus that comes with a new PC but then fail to re-subscribe after trial periods expire.

“Shortly after Windows 7 general availability in October 2009, our telemetry data showed nearly all Windows 7 PCs had up-to-date antimalware software,” said Sinofsky.

“A year later, at least 24 percent of Windows 7 PCs did not have current antimalware protection. Our data also shows that PCs that become unprotected tend to stay in this unprotected state for long periods of time.”

Microsoft’s biggest security challenge with Windows 8 remains the same one the company had with Windows 7 – a core of stubborn users refuses to upgrade from older operating systems, especially XP. This, critics might point out, is largely Microsoft’s fault for shipping five versions of the operating system since the year 2000, a marketing approach that left some users unsure as to the value of paying for a new version.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *