Recently I covered a post about Austrian-based Security Analyst Peter Kleissner and his new exploit for Windows 8. The exploit was designed to work around Microsoft’s new boot improvements in order to hack into Windows 8, essentially. It would load up from the master boot record and reside all the way through startup allowing root access to the entire machine.
Windows 8’s boot loader has added a number of new security features to prevent malware and security breaches, this includes requiring valid digital signatures. Microsoft had previously hoped that such a move would stop malware by blcoking unsigned software from loading into memory software.
Despite Microsoft’s hopes and intentions, Peter proved that it really wasn’t exactly rocket science to find a way to crack Windows 8.
Is this a flaw in Windows 8 exactly, then? Honestly, as long as computers exist there will be people who find ways to do things that companies didn’t intend, these are known as hackers to most of us. Microsoft can not and will not find a way to create a product that will completely prevent Windows from being hack proof.
Even throwing away Windows completely and starting from scratch would offer no guarantee. As an example, Linux is fairly virus free but Android (which is based on Linux) has started to have a growing virus problem of late.
So if you can beat malware and virus makers, what is the next best step? Staying ahead of the game and creating easy tools to help fight the good fight, so to speak.
Microsoft has now provided such a tool with its “Windows Defender Offline BETA”. This brand new tool likely has Windows 8 in mind, though it does work with older versions too.
With the free tool, you download it and burn it to a disc or a flash device. The purpose of the new tool is to run it as your ‘boot device’ occasionally to check for malware that might be hiding in your boot-up experience.
The release of this tool so closely to the release of Peter’s malware proof-of-concept is no coincidence but I’m glad to see Microsoft being proactive about the entire situation.
Windows 8 will likely have a virus and malware problem for the remainder of its life, and only Microsoft knows how long that is for sure I suppose. Even a future OS by Microsoft (or anyone else) makes no promises about security, but I can confidently see that Microsoft is really working hard to make sure that Windows 8 is a more secure experience than past versions.
This starts with the new Defender (which includes malware, spyware, and antivirus) and ends with the addition of other tools such as this new offline boot checking tool.
What do you think about the new security measures in Windows 8? Is Microsoft going fair enough or is there something better they could be doing to protect their users?
I feel that Microsoft has made many interesting moves with its Metro interface, but its really its new attitude towards speed and security that truly has me excited for the future of Windows.
What is your opinion overall? Please share with us below!