Windows 8 welcomed by security expert

By Stuart Sumner
26 Oct 2012 View Comments

Microsoft's new operating system, Windows 8, has been welcomed by a security expert, who cites a raft of tweaks and new features as beneficial for the protection of computers running the software.

The most significant change, according to Wolfgang Kandek, CTO of cloud security firm Qualys, is the use of the Unified Extensible Firmware Interface (UEFI), which replaces the old BIOS.

Further reading

"With UEFI, a computer will only run operating system kernels that have been digitally signed by an approved software vendor. Thus, the user is guaranteed that the operating system has not been tampered with by attackers," said Kandek.

Kandek also claimed that Windows Defender, Microsoft's anti-malware solution is now more comprehensive. The system is included by default in Windows 8, which Kandek describes as attractive for consumers who would otherwise need to download a separate solution themselves.

However, he admitted that it is less relevant for organisations, who typically require management capabilities – such as reports on machine update status and alerts of neutralised malware – meaning that they are still likely to need a standalone enterprise malware solution.

Memory management is another area Kandek believes Microsoft has improved in its latest OS.

"Memory management in Windows 8 has been rearchitected to provide additional safeguards, such as comprehensive randomisation and guard pages. Most of the memory exploit tactics, such as heap sprays, that attackers use to gain control of a Windows 7 machine, will now fail under Windows 8, which benefits all applications running on Windows 8."

Finally, he said that the Windows App Store will have a significant impact on security.

"As users begin to favour the App Store as their main source for applications, overall security will be enhanced because it will be near impossible for an attacker to place a trojan horse in the store. In addition, the App Store will take care of keeping applications updated with the latest security patches."

Putting his money where his mouth is, Kadek concluded by stating that he feels sufficiently confident in Microsoft's latest OS to upgrade to it on his own machine, despite the fact that it has only just been launched, and hence not yet subjected to the rigours of testing by the globe's Microsoft users.

"Personally, I am in line for upgrading my home Windows machine to Windows 8," he said.

Reader comments
blog comments powered by Disqus
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
31 %
13 %
20 %