Windows 8 security: Stronger but gentler

Microsoft's next operating system incorporates more security than Windows Vista, with fewer annoying upfront notifications

The Metro GUI is the most visible representation of Microsoft's coming operating system. While the release of the tentatively named Windows 8 is still a year away, the company has not been shy about putting the multicolor tiled interface front and center.

Windows 8's security improvements will be much less visible, and that's just the way Microsoft wants it. The company has added a number of protection features to Windows 8 to better protect the system, all the while making the security less intrusive by limiting the number of notifications a user may receive.

For example, the company's SmartScreen technology for detecting potentially malicious sites -- introduced with Internet Explorer 8 -- will be built right into the OS to allow any file downloaded to a Windows 8 computer to be checked out by the system, yet the protection should not alert the average user more than twice a year, Microsoft says.

The higher signal-to-noise ratio will likely make users pay more attention to the truly dangerous incidents, Steven Sinofsky, president of Microsoft's Windows and Windows Live division, writes in a blog post on Microsoft's Developer Network.

"When they do see (a notice), it will signify a higher risk scenario," he says in a description of the feature.

Using its telemetry data, Microsoft has found that 95 percent of Internet Explorer 9 users do not run malicious software when they receive a SmartScreen warning. Once a user receives a SmartScreen warning, their chance of getting malware if they run the suspect program varies from 25 to 70 percent, according to Microsoft. Some 92 percent of applications downloaded by users already have an established reputation, so SmartScreen does not issue a notification.

Allowing SmartScreen to check applications downloaded by other browsers and applications is not the only feature Microsoft has added. Here are the ones currently announced.

Improving Windows Defender

Microsoft noticed a disturbing trend among Windows 7 users: While almost all users had antivirus protection following the purchase of Windows 7 -- due, most likely, to trial subscriptions shipped with new PCs -- almost a quarter of them let those subscriptions lapse in the ensuing months.

The company plans to make Windows Defender a baseline security solution, which will block all commonly used malware, worms, Trojan horses, and other attacks. Microsoft plans to use a file system filter to better protect critical files.

Making Windows 8 harder to exploit

Like Apple did with its security improvements to Mac OS X Lion, Microsoft plans to harden the operating system to attack. With each release, both Apple and Microsoft have bolstered a key anti-exploit technology known as ASLR (address space layout randomization). Windows 8 is no different: More components of Windows will use ASLR, and the memory randomization will be better.

1 2 Page 1
Page 1 of 2