Microsoft will bring a lot of secuity improvements to the kernel and a dynamically assigned area of memory known as the heap. Finally, the company plans to add defenses to Internet Explorer to eliminate "use-after-free" vulnerabilities, which make up three-quarters of the flaws reported in IE in the past two years. Basically, we can expect Internet Explorer to do a better job of cleaning up after itself and flushing away sensitive data after it has been used.
Supporting UEFI Secure Boot
Finally, Microsoft will use the UEFI (Unified Extensible Firmware Interface) to implement a secured boot process. UEFI Secure Boot allows the firmware to cryptographically verify the integrity of the computer's envrionment, preventing malicious software from executing before the computer boots into the operating system.
Secure Boot uses the Trusted Platform Module, a piece of hardware that has shipped in millions of systems, but largely remains unused. Microsoft had planned a similar feature, dubbed Secure Startup, in Windows Vista in 2005, but faced industry concerns that the company could block the installation of other operating systems on PC hardware.
Hardware OEMs will be required to support the architecture, but otherwise, Microsoft claims it will be vendor neutral. While the company aim is quiet security, expect this feature to create a fairly loud debate.
This story, "Windows 8 security: Stronger but gentler," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.