Windows 8 comes with in-built antivirus protection that will be enabled by-default in case if no antivirus program is there. Many other enhanced security features are introduced in Windows 8 so as to offer the deepest level security.
UEFI Secure Boot – The latest Windows 8 PCs come with UEFI Secure Boot that is a firmware. This feature allows your system to check for security certificates for drivers, system files, kernel, and boot loader against database when Windows loads. It can be thought of as mini operating system whose work is to check that usual operating system of yours has not been tampered. When there is rootkit on your system waiting to play with Windows components when one is booting their system, Windows would find code that has been tampered with, and replace it with legitimate, original code from Windows store named as side-by-side. One would not see any warning for this at the time of system booting but details will be present in anti-virus warnings that is available in Action Centre.
Guard Pages – When Windows starts running, it becomes tough to make use of ways it handles in-use memory also called heap for attacking operating system or some other application that is being running. With previous Windows version, it wasn’t much tough to allocate good amount of memory. There are much strict limits with Windows 8 kernel on the amount of memory that can be allocated hence overflow attack will have to be just at the right size. Kernel puts guard pages of memory that is usually done around vital code just like a moat hence if some malware tries attacking by corrupting next memory chunk and overflowing, it will much likely end-up in memory moat thereby leading to shutdown of Windows so that there isn’t any access possible to invalid memory.
Randomising Memory – This feature comes with Windows 8 that keeps track of allocation memory to applications. It ensures that allocated memory begins in random place instead picking is dependent on value that could be interfered by malware for making way for malicious code or for making use of predictable location like memory’s next free chunk. For making random number truly random, Windows will collect mixture of information at the time of booting from different sources like performance logs, clock, power management systems, and lots more. All this in turn will be combined into fresh random number seed each time. No longer needed memory, isn’t much vulnerable. Previously, malware were capable of forcing kernel for allocating memory to program and finally releasing it in order to allow virus to make use of memory that wasn’t of any use to Windows but now it is all blocked.
Memory Allocation – With Windows 7, DEP (Data Execution Prevention) was already able to mark memory allocated to the applications for information storing hence it cannot be utilized for running code. ASLR 7(Address Space Layout Randomisation) means program code will not be loaded always in same place that makes it tough for malware to search where to attack. It protects Windows but users need relying on developers to turn them on while they are writing programs of their own. Windows 8 will not run on the CPUs that aren’t having hardware for marking memory and improvements to memory heap, ON by default hence protecting all things. Windows 8 makes use of SMEP (Supervision Mode Execution Protection) also called OS Guard in Ivy Bridge CPUs for stopping CPU running memory pages that have been marked as ‘user’ instead of ‘kernel’ that are user pages just for data. Hence by using NX for protecting kernel memory is highly vital as other malware will simply target kernel memory for bypassing SMEP.
Better Wi-Fi Safety – When users connect to secured Wi-Fi hotspot, they require typing password and for each secured network, one may require having certificate installed on their system. With Windows 8, you will get assistance for many mobile and wireless Extensible Authentication Protocol or EAP standards that will allow users to get connected to secured networks without getting certificate or roaming between mobile broadband and different wireless networks. A new standard has been introduced and it is called Hotspot 2.0 that makes it simpler to connect to any Wi-Fi hotspot automatically when one is travelling around.
Malware Resistance – Windows 8 comes with in-built resistance for malware that is preventive measure to be ahead of different type of attackers. This is the reason why Windows Defender has become improved and it now allows users to detect specific bad behaviours especially in file systems, registry, and memory even before creation of signatures. Moreover, in Windows 8.1 version, there is API for IE (Internet Explorer) that will enable anti-malware solutions for making security determination prior to binary extension being loaded.
Sensitive Data Protection – Now businesses will be able to protect sensitive data of theirs in a better way even when it is residing on personal devices of their employees. This is possible with remote data removal and pervasive data encryption that allows IT departments to wipe of corporate data off BYOD device without actually affecting the personal information. BYODs offer much control and flexibility over how different devices are connected to internal networks.
Runtime Security – When you are running Windows 8 operating system, you should be assured that no security breaches can happen because it offers many more new and advanced security defences for limiting surface area attacks. In previous Windows version, Windows Defender just has anti-malware scanner but now this scanner runs on its own even when not switched on manually. The job scope of this defender has been increased and it now looks for all kinds of suspicious network activities in addition to malware executable signatures.
Sandboxing With The AppContainer – Out of all security features offered by Windows 8, this one is outstanding. When some app is running inside sandbox, it will be restricted regarding how it will interact with OS. Based on Sandbox, applications can be restricted from writing or reading files that are outside prescribed locations, modifying OS files, accessing location awareness, and lots more.
Start reading 9 Security Enhancement in Windows 8