Feeds

Windows 8

Apple iOS 7 makes some users literally SICK. As in puking, not upset

Excessive zoom and 3D-effect graphics in Apple's latest iOS is leaving some users reaching for the sick bucket

Windows 8 'harder for malware to exploit', says security analysis

Getting penetrated doesn't mean they own you

Choosing a cloud hosting partner with confidence

Microsoft’s upcoming operating system is a step forward in security, at least according to a security researcher who is among the first to take a detailed look at early releases of Windows 8.

Chris Valasek, a senior security research scientist at development testing firm Coverity, began examining the security features of Windows 8 last autumn, before the consumer previews of the upcoming revamp of the new Microsoft OS came out.

Windows 8 will come with a radically redesigned user interface, dubbed Metro, which was designed in part to give Windows that same feel across smartphones, desktops, laptops and tablets. Despite radical changes, it seems the innards of the operating system are much the same as those found in Windows 7. Valasek described the leap between Windows 7 and 8 as less than that between XP and Vista.

One major change between Windows 7 and 8 is the addition of more exploit-mitigation technologies, however. Windows Memory Managers (specifically the Windows Heap Manager and Windows Kernel Pool Allocator) are designed to make it far harder for attackers to exploit buffer-overflow vulnerabilities and the like to push malware onto vulnerable systems.

The technology is aimed at thwarting the abuse of software bugs rather than preventing or even minimising the occurrence of vulnerabilities in the first place. "There are always going to be vulnerabilities but you can make it difficult to leverage vulnerabilities to write exploits," Valasek explained. "It'd be naive to think there'll be no new vulns."

Another big change comes with the app store that goes with Windows 8.

Applications for the next version of the operating system will feature more granular controls. Applications will be restricted to functions necessary to performing their declared function, unlike the current situation where installed applications are given free rein. Apps will have limited permissions to perform actions consistent with their declared intent. The restrictions, along with other factors, will reduce the scope for malware to do mischief, even if it does find its way onto a Windows 8 system.

"These new Windows 8 Apps will be contained by a much more restrictive security sandbox, which is a mechanism to prevent programs from performing certain actions," Valasek explains. "This new App Container provides the operating system with a way to make more fine-grained decisions on what actions certain applications can perform, instead of relying on the more broad ‘Integrity Levels’ that debuted in Windows Vista/7."

"Overall I'd far rather write exploits against Win 7 than Win 8," Valasek explained.

Windows 8 also comes with a new version of Internet Explorer, Microsoft's browser software. Internet Explorer 10 will come with a mode that disables support for third-party plug-ins such as Flash and Java. However, Valasek added that users will "probably be giving some things up” in this mode. Even outside this mode, plug-ins will be hooked to memory randomisation – another development that will make it more difficult for miscreants to develop exploits.

One of the most contentious security-related revamps in Windows 8 is a secure boot feature which open-source advocates have argued would lock out alternative operating systems. Valasek said assessing the pluses and minuses of this feature from a security perspective was outside the scope of his study. Open-source advocates have come up with possible workarounds, such as this one from Matthew Garrett, but the situation remains far from ideal for open source-fans.

Windows 8 remains a work in progress and further changes are more than likely before its eventual release. Valasek's study is based in part on reverse engineering of Windows Heap Manager and analysis of executables using disassembler tools such as IDAPro.

Valasek is putting together a paper on Windows 8 security that he hopes to present at the Black Hat Briefings in Las Vegas in July. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.