Windows 8 securityPosted by admin on Feb 10, 2013 in Security Blog • No comments
Below is a lit of some of the new Windows 8 security tools.
Integrated Windows Defender
Windows 8 will include a full anti-malware solution, known as Windows Defender which will now include the antivirus features from the Microsoft Security Essentials program. Windows Defender will also have improved performance and a smaller memory/CPU footprint than the previous versions. When Windows Defender is combined with Secure Boot, Windows will be able to start actively defending the system from a known good environment faster, reducing potential infections.
Picture Password is a new touch gesture based security login where the user selects a picture and then makes three touch gestures on top of it. Windows will save the gestures as the user’s password and then the user would repeat that sequence to log in. This is a new login system and the can be used with multiple pictures.
Address Space Layout Randomization (ASLR) was first introduced in Vista and is a technique to mitigate the infamous “Buffer Overrun” vulnerabilities. It works by randomly moving the location of code and data in memory. In Windows 8 randomization is increased in order to foil known techniques that were developed to bypass the previous versions of ASLR. Other mitigations include changes to the Windows kernel and heap, including new integrity checks and randomization using a similar approach to ASLR. Internet Explorer 10 will also benefit from these changes: besides including an “Enhanced Protected Mode” sandbox, there will be a “ForceASLR” option in IE10 that can randomize all modules loaded into memory by the browser, regardless if those modules did not opt in to use ASLR protection (developers can create modules that take advantage of ASLR protection by using the optional /DYNAMICBASE flag).
Bitlocker is the full-disk encryption solution Microsoft introduced in Vista and then extended to removable drives with Bitlocker To Go in Windows 7. Not much has changed from the previous version, but it will now include the option of backing up the encryption key of Bitlocker To Go to a SkyDrive Account.
Encrypted File System
EFS is Microsoft’s original solution for encrypting individual drives, folders or files. It was originally introduced nearly twenty years ago in the Windows NT family of products, but now it’s been largely overshadowed by Bitlocker, Bitlocker To Go, and a number of free encryption alternatives.
Applocker is Microsoft’s solution for application control. This solution was introduced in Windows 7 and works with either blacklists or whitelists of applications. With Applocker, an administrator can create policies that restrict or allow specific applications from being installed or run by users. In Windows 8 Applocker evolves in order to manage both traditional desktop applications and the new Metro apps.
Microsoft introduced DirectAccess as an alternative to VPNs for securely connecting PCs to corporate networks. DirectAccess connections don’t require launching an additional application to connect and can help organizations maintain compliance on remote or mobile computers by applying policies and patches seamlessly. This feature doesn’t appear to have changed much from the previous version introduced in Windows 7.
Security Audit Systems provide Penetration Testing services please visit our Penetration Testing services page.