Windows 8 to feature enhanced malware protection

Microsoft isn't taking the threat of malware lightly. According to Windows Live president Steven Sinofsky, Windows 8 will brandish new tools to protect users from the persistent threat.

"We are extending the protections provided by Defender to address a broader range of potential threats," wrote Sinofsky at the Building Windows 8 blog.

Microsoft's go-to spyware scanning and removal software, Defender, will ship with Windows 8 - just as it has in Vista and Windows 7. However, it won't be your father's Defender.

"The improvements to Windows Defender will help protect you from all types of malware, including viruses, worms, bots and rootkits by using the complete set of malware signatures from the Microsoft Malware Protection Center, which Windows Update will deliver regularly along with the latest Microsoft anti-malware engine," said Jason Garms, group program manager, reliability and security. "Windows Defender will now provide you with real-time detection and protection from malware threats using a file system filter, and will interface with Windows secured boot, another new Windows 8 protection feature."

Garms added that running Secure Boot on Windows 8 will protect firmware, firmware updates and anti-malware drivers.

"It does this by loading only properly signed and validated code in the boot path," said Garms. "This helps ensure that malicious code can't load during boot or resume, and helps to protect you against boot sector and boot loader viruses, as well as bootkit and rootkit malware that try to load as drivers."

Mitigation measures that make it tougher for malware makers to devise guaranteed security workarounds are also being improved, he explained.

Address Space Layout Randomization (ASLR), introduced in Windows Vista, will boast "increased randomization that will break many known techniques for circumventing ASLR," and the Windows 8 kernel will gain defenses that were previously specific to user mode. "We now prevent user-mode processes from allocating the low 64K of process memory, which prevents a whole class of kernel-mode NULL dereference vulnerabilities from being exploited," Garms said.

Tweaks to how Windows 8 interacts with Microsoft's Internet Explorer browsers will also help cut down on vulnerabilities.

"'Use-after-free' vulnerabilities represented nearly 75 percent of the vulnerabilities reported in Internet Explorer over the last two years," Garms said. "For Windows 8, we implemented guards in Internet Explorer to prevent an attacker from crafting an invalid virtual function table, making these attacks more difficult."

Windows 8 will also utilize the company's SmartScreen technology. The feature has prevented over 1.5 billion malware attacks to date, boasted Garms. Though Microsoft is loath to step on other anti-malware companies' toes, he believes it has found a middle ground for the inclusion.

"We understand that Internet Explorer isn’t the only way you download applications from the Internet, so Windows now uses SmartScreen to perform an application reputation check the first time you launch applications that come from the Internet," he explained. "SmartScreen will only notify you when you run an application that has not yet established a reputation and therefore is a higher risk."

Microsoft said last month it had reduced overall Internet spam by 15 percent since 2008. Can it double that by 2014? (via Building Windows 8)
