Windows 8 and its security mechanisms

September 22, 2011
42
Views

Security Features of Windows 8

  • Address space layout randomization (ASLR)
It involves random arrangement of base addresses of executable, libraries, heap and stack addresses in a process’s address space. The user’s code and data locations on hard drive are shuffled randomly to avoid revealing addresses to hackers. This feature was existent in Windows 7 but has been enhanced in Windows 8.
  • Heap Randomization (HR)
Attackers can corrupt or cause abnormal execution of programs by overwriting data pointers located in the heap. Randomization attempts to prevent this by adding guard pages in between so that data pointers are not altered. Figure 2: Windows 7 vs. Windows 8 running an application[/caption]
  • Kernel mode security:
Kernel mode processes run in a special section of memory reserved for them. Microsoft has tweaked the user mode processes in Windows 8 so that they cannot access the kernel address space which means the lower 64k of process memory is not accessible by user processes.
  • UEFI Secure Boot:
Drivers and applications that start along with the operating system are assigned keys by Microsoft that is verified by the operating system at startup. If the driver or application does not possess the proper key, it is not allowed to start with the operating system processes. This ensures that malware does not interfere with antivirus programs.
  • Windows Defender:
Windows defender has been enhanced to identify all types of malware, virus and worm signatures from Microsoft malware protection center. Previously, the database only stored spyware and adware signatures. Microsoft continues its support for third party antivirus and antimalware vendors while revamping their Widows defender with the help of their security development team. Microsoft is following a security development lifecycle to ensure they do not encounter problems like those that the Windows XP users experienced in the past. Microsoft has noted the main cause of inadequate malware protection on 75% of the computers. According to Microsoft, users fail to revamp their trial version after expiry and most of them do not update their security components regularly. Stay tuned for more security related news from Microsoft.]]>

Article Categories:
Microsoft

Mike Johnson is a writer for The Redmond Cloud - the most comprehensive source of news and information about Microsoft Azure and the Microsoft Cloud. He enjoys writing about Azure Security, IOT and the Blockchain.

All Comments

  • yup, and get sued by the multiple anti-virus companies……

    guest September 23, 2011 1:16 am Reply

Leave a Reply

Your email address will not be published. Required fields are marked *