Windows 8 Security Mechanisms

We live in a world of information where all our data is maintained in a digital format.

What would be your reaction if you found out that an unknown person has accessed your profile information? How would you react if you found out that your credit card details and passwords stored in your computer have been compromised?

Microsoft has left no stone unturned to ensure that its new billion-dollar venture is equipped with adequate levels of protection.

Viruses, worms and Trojans that corrupted previous versions of Windows will not be able to tamper with the Windows 8 operating system easily. Windows president Steven Sinofsky described some of the security features of Windows 8 at the recent Microsoft Build conference and explained how they are derived from its predecessor, Windows 7.

In this article, we present an overview of the new security features of Windows 8.

Security Features of Windows 8

  • Address space layout randomization (ASLR)

It involves randomly arranging the base addresses of executables, libraries, the heap and the stack in a process’s address space. The user’s code and data locations on the hard drive are shuffled randomly to avoid revealing addresses to hackers. This feature existed in Windows 7 but has been enhanced in Windows 8.

  • Heap Randomization (HR)

Attackers can corrupt or cause abnormal execution of programs by overwriting data pointers located in the heap. Randomization attempts to prevent this by adding guard pages in between so that data pointers are not altered.

  • Kernel mode security:

Kernel-mode processes run in a special section of memory reserved for them. Microsoft has tweaked user-mode processes in Windows 8 so that they cannot access the kernel address space, which means the lower 64k of process memory is not accessible to user processes.

  • UEFI Secure Boot:

Drivers and applications that start along with the operating system are assigned keys by Microsoft that are verified by the operating system at startup. If a driver or application does not possess the proper key, it is not allowed to start with the operating system processes. This ensures that malware does not interfere with antivirus programs.

  • Windows Defender:

Windows Defender has been enhanced to identify all types of malware, virus and worm signatures from the Microsoft Malware Protection Center. Previously, the database only stored spyware and adware signatures.

Microsoft continues its support for third-party antivirus and antimalware vendors while revamping Windows Defender with the help of its security development team.
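As an added example (not code from this article or from Microsoft): a Windows image only receives ASLR if its PE header opts in, and the high-entropy 64-bit variant introduced with Windows 8 has its own opt-in bit, so the ASLR item above can be audited per binary by reading those header flags. The function names and the header-only sample images are constructed for illustration.

```python
import struct

# Bit values from the PE/COFF specification
DYNAMIC_BASE = 0x0040     # DllCharacteristics: image may be rebased (ASLR opt-in)
HIGH_ENTROPY_VA = 0x0020  # DllCharacteristics: 64-bit high-entropy ASLR (Windows 8+)
RELOCS_STRIPPED = 0x0001  # COFF Characteristics: no relocation data in the file
PE32, PE32_PLUS = 0x10B, 0x20B


def aslr_flags(image: bytes) -> dict:
    """Return the ASLR-related header flags of a PE image; ValueError if malformed."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    opt_off = pe_off + 4 + 20  # skip PE signature and 20-byte COFF header
    if len(image) < opt_off + 72 or image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (coff_chars,) = struct.unpack_from("<H", image, pe_off + 4 + 18)
    (magic,) = struct.unpack_from("<H", image, opt_off)
    if magic not in (PE32, PE32_PLUS):
        raise ValueError(f"unknown optional-header magic {magic:#x}")
    # DllCharacteristics is at offset 70 in both the PE32 and PE32+ layouts
    (dll_chars,) = struct.unpack_from("<H", image, opt_off + 70)
    return {
        "is_64bit": magic == PE32_PLUS,
        "dynamic_base": bool(dll_chars & DYNAMIC_BASE),
        "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
        "relocs_stripped": bool(coff_chars & RELOCS_STRIPPED),
    }


def findings(image: bytes) -> list:
    """List the reasons this image gets weaker ASLR than it could."""
    f = aslr_flags(image)
    if not f["dynamic_base"]:
        return ["no ASLR opt-in (DYNAMIC_BASE clear)"]
    out = []
    if f["relocs_stripped"]:
        out.append("DYNAMIC_BASE set but relocations stripped")
    if f["is_64bit"] and not f["high_entropy_va"]:
        out.append("64-bit image without HIGH_ENTROPY_VA")
    return out


def sample_pe(magic: int, dll_chars: int, coff_chars: int = 0) -> bytes:
    """Constructed header-only image for the demo, not a loadable program."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = bytes(18) + struct.pack("<H", coff_chars)
    opt = struct.pack("<H", magic) + bytes(68) + struct.pack("<H", dll_chars)
    return dos + b"PE\0\0" + coff + opt
```

To audit a real binary, pass the bytes of the file to `findings()`; an empty list means the header opts into every ASLR feature checked here.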

Microsoft is following a security development lifecycle to avoid problems like those that Windows XP users experienced in the past. Microsoft has noted the main cause of inadequate malware protection on 75% of the computers.

According to Microsoft, users fail to renew their trial version after it expires, and most of them do not update their security components regularly. Stay tuned for more security-related news from Microsoft.