/build/static/layout/Breadcrumb_cap_w.png

MS TechEd 2013 - Securing Windows 8 Clients and Resources from Threats

*WARNING* Now the definition of this session made me think that it was going to be a session going into how you can secure Windows 8 from threats however, it really was a sales pitch of what feature Windows 8 has added into in for increased security.

Microsoft has made the decision to invest in four core areas:

  • Malware Resistance
  • Protect Sensitive Data
  • Modern Access Control
  • Trustworthly Hardware

Presentor spoke to one sepcific Malware Challenges that MS is currently facing is that Malware has the ability to interact with the pc prior to the completion of loading windows. This is one main reasons why MS is putting so much efforts into UEFI. Now its important to understand that UEFI isn't a MS technology rather a industry standard. Key benefits of UEFI that were outlined are:

  • Architecture-Indendency
  • Enables the device initialization and operation (mouse, pre-os apps, and menus)
  • UEFI firmware cannot be rolled back unlike legacy system.

Microsoft has also made the decision that TPM will be a requiement for all hardware that has the Windows logo by end of year.

The speaker also spoke to the fact that although Windows 7 leveraged ASLR and DEP it wasn't widely leveraged in Windows 7. In Windows 8 however, this is not the case because now its more the standard than that of the exception. Addition Windows 8 help makes it harder than ever to create exploits.

Trusted and Measured Boot Feature is Windows 8

Trusted Boot

  • Hardens the end to end boot process
  • Protects all system boot compnents and the anti-malware driver (ELAM)
  • Ensures defenses are running before malware get the chance to start
  • Automatic remediation/self healing if compromised.

Measure Boot

  • Comprehensive set of integrity measurements
  • Measurements can be offered to a Remote Attestation Service for analysis

So a review of how this all works now with Windows 8. Basically with the use of UEFI, TPM, Truted Boot, and Measure Boort allows for protection from power up of the hardware.

Now what about sign-in sercurity features in Windows 8.

PIN vs Picture, both very secure but the important thing to remember is that picture passwords are very easily seen by nearby users.

Windows 8 Firewall

Microsoft feels like they have no need to make any changes to Win8 Firewall because they have kept up throughtout the years with windows firwall needs.

Attestation & Verification

Microsoft 8 is basically putting this on the shoulders of 3rd party vendors as of now. Why? The speaker spoke to it but didn't come right out and say it but, basically they aren't sold off on the fact that Windows 8 is going to be bought into. So they don't want to spend development time on the feature.

Current companies that help fill the gap currently:

Windows 8 Security Wrap-Up

To sum it up, Windows 8 is MS shinning new toy that has all of its new security functionality.

 

 

 


Comments

This post is locked
 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ