Call us:    +44 (0) 207 0439 349        Company      Contact us

Windows 8 security

Posted by on Feb 10, 2013 in Security BlogNo comments

Below is a lit of some of the new Windows 8 security tools.

Integrated Windows Defender

Windows 8 will include a full anti-malware solution, known as Windows Defender which will now include the antivirus features from the Microsoft Security Essentials program. Windows Defender will also have improved performance and a smaller memory/CPU footprint than the previous versions.  When Windows Defender is combined with Secure Boot, Windows will be able to start actively defending the system from a known good environment faster, reducing potential infections.

Picture Password

Picture Password is a new touch gesture based security login where the user selects a picture and then makes three touch gestures on top of it. Windows will save the gestures as the user’s password and then the user would repeat that sequence to log in. This is a new login system and the can be used with multiple pictures.

ASLR

Address Space Layout Randomization (ASLR) was first introduced in Vista and is a technique to mitigate the infamous “Buffer Overrun” vulnerabilities.  It works by randomly moving the location of code and data in memory. In Windows 8 randomization is increased in order to foil known techniques that were developed to bypass the previous versions of ASLR. Other mitigations include changes to the Windows kernel and heap, including new integrity checks and randomization using a similar approach to ASLR. Internet Explorer 10 will also benefit from these changes: besides including an “Enhanced Protected Mode” sandbox, there will be a “ForceASLR” option in IE10 that can randomize all modules loaded into memory by the browser, regardless if those modules did not opt in to use ASLR protection (developers can create modules that take advantage of ASLR protection by using the optional /DYNAMICBASE flag).

Bitlocker

Bitlocker is the full-disk encryption solution Microsoft introduced in Vista and then extended to removable drives with Bitlocker To Go in Windows 7. Not much has changed from the previous version, but it will now include the option of backing up the encryption key of Bitlocker To Go to a SkyDrive Account.

Encrypted File System

EFS is Microsoft’s original solution for encrypting individual drives, folders or files. It was originally introduced nearly twenty years ago in the Windows NT family of products, but now it’s been largely overshadowed by Bitlocker, Bitlocker To Go, and a number of free encryption alternatives.

Applocker

Applocker is Microsoft’s solution for application control. This solution was introduced in Windows 7 and works with either blacklists or whitelists of applications. With Applocker, an administrator can create policies that restrict or allow specific applications from being installed or run by users. In Windows 8 Applocker evolves in order to manage both traditional desktop applications and the new Metro apps.

DirectAccess

Microsoft introduced DirectAccess as an alternative to VPNs for securely connecting PCs to corporate networks. DirectAccess connections don’t require launching an additional application to connect and can help organizations maintain compliance on remote or mobile computers by applying policies and patches seamlessly. This feature doesn’t appear to have changed much from the previous version introduced in Windows 7.

Security Audit Systems provide Penetration Testing services please visit our Penetration Testing services page.

Registered Memberships and Partners:

OWASP - Open Web Applications Security Project
ISSA UK - Information Systems Security Association UK
NIST - Computer Security Division of NIST
UKITA - UK Information Technology Association
ISF - Information Security Forum
ISACA - Information Security Audit & Control Association

  • Latest Tweets

    • Britain's security has been threatened by 188 high-level cyber attacks in the last three months, according to a government security chief.

    • Libraries across the city of St Louis are gradually regaining control of their computer systems, following a malware attack on 17 Libraries.

This website uses cookies to improve user experience. By using our website you consent to all cookies issued by this website.
I agree Disagree