Windows 8 'harder for malware to exploit', says security analysis

Microsoft’s upcoming operating system is a step forward in security, at least according to a security researcher who is among the first to take a detailed look at early releases of Windows 8.

Chris Valasek, a senior security research scientist at development testing firm Coverity, began examining the security features of Windows 8 last autumn, before the consumer previews of Microsoft's upcoming OS revamp came out.

Windows 8 will come with a radically redesigned user interface, dubbed Metro, which was designed in part to give Windows the same feel across smartphones, desktops, laptops and tablets. Despite the radical changes, it seems the innards of the operating system are much the same as those found in Windows 7. Valasek described the leap between Windows 7 and 8 as less than that between XP and Vista.

One major change between Windows 7 and 8, however, is the addition of more exploit-mitigation technologies. The Windows memory managers (specifically the Windows Heap Manager and Windows Kernel Pool Allocator) are designed to make it far harder for attackers to exploit buffer-overflow vulnerabilities and the like to push malware onto vulnerable systems.

The technology is aimed at thwarting the abuse of software bugs rather than preventing or even minimising the occurrence of vulnerabilities in the first place. "There are always going to be vulnerabilities but you can make it difficult to leverage vulnerabilities to write exploits," Valasek explained. "It'd be naive to think there'll be no new vulns."

Another big change comes with the app store that goes with Windows 8.

Applications for the next version of the operating system will feature more granular controls. Applications will be restricted to the functions necessary to perform their declared purpose, unlike the current situation where installed applications are given free rein. Apps will have limited permissions to perform actions consistent with their declared intent. The restrictions, along with other factors, will reduce the scope for malware to do mischief, even if it does find its way onto a Windows 8 system.

"These new Windows 8 Apps will be contained by a much more restrictive security sandbox, which is a mechanism to prevent programs from performing certain actions," Valasek explains. "This new App Container provides the operating system with a way to make more fine-grained decisions on what actions certain applications can perform, instead of relying on the more broad ‘Integrity Levels’ that debuted in Windows Vista/7."

"Overall I'd far rather write exploits against Win 7 than Win 8," Valasek explained.

Windows 8 also comes with a new version of Internet Explorer, Microsoft's browser software. Internet Explorer 10 will come with a mode that disables support for third-party plug-ins such as Flash and Java. However, Valasek added that users will "probably be giving some things up" in this mode. Even outside this mode, plug-ins will be hooked to memory randomisation – another development that will make it more difficult for miscreants to develop exploits.

One of the most contentious security-related revamps in Windows 8 is a secure boot feature, which open-source advocates have argued would lock out alternative operating systems. Valasek said assessing the pluses and minuses of this feature from a security perspective was outside the scope of his study. Open-source advocates have come up with possible workarounds, such as one from Matthew Garrett, but the situation remains far from ideal for open-source fans.

Windows 8 remains a work in progress and further changes are more than likely before its eventual release. Valasek's study is based in part on reverse engineering of the Windows Heap Manager and analysis of executables using disassembler tools such as IDA Pro.

Valasek is putting together a paper on Windows 8 security that he hopes to present at the Black Hat Briefings in Las Vegas in July. ®
