If every computer had antivirus software running, life would be tough for bot herders and cyber crooks.
Windows 8 will put the squeeze on those creeps. It has antivirus protection built right in, enabled by default if no other antivirus is present.
But the new security features at the very deepest level may be even more significant.
So far, COM file programs for the original MS-DOS were laughably insecure by modern standards.
Early file-infector viruses simply appended their own code to the program's end and replaced the very first instruction with a jump to that code.
The EXE file format, still in use today, isn't quite as open to manipulation. It does distinguish between memory areas used for code and those used for data. Windows XP SP2 introduced Data Execution Protection, which ensures that a memory area marked as data will never be executed
Even with these enhancements, malware writers managed to craft attacks that could inject arbitrary code into trusted processes. Address Space Layout Randomization (ASLR), introduced with Windows Vista, made those attacks tougher by making it impossible for an attacker to predict where in memory a given code module would load.
Statement Given by Valasek and Mandt
Windows 8 Toughens Up
Despite all these protective features, malware attacks can still succeed in Windows 7. Windows 8 will block many such attacks by toughening up at the very deepest level—memory allocation. Many low-level memory functions have new safeguards in Windows 8.
source (pc mag) | credit (think digit)
Stay tuned For More Updates
Windows 8 will put the squeeze on those creeps. It has antivirus protection built right in, enabled by default if no other antivirus is present.
But the new security features at the very deepest level may be even more significant.
So far, COM file programs for the original MS-DOS were laughably insecure by modern standards.
Early file-infector viruses simply appended their own code to the program's end and replaced the very first instruction with a jump to that code.The EXE file format, still in use today, isn't quite as open to manipulation. It does distinguish between memory areas used for code and those used for data. Windows XP SP2 introduced Data Execution Protection, which ensures that a memory area marked as data will never be executed
Even with these enhancements, malware writers managed to craft attacks that could inject arbitrary code into trusted processes. Address Space Layout Randomization (ASLR), introduced with Windows Vista, made those attacks tougher by making it impossible for an attacker to predict where in memory a given code module would load.
Statement Given by Valasek and Mandt
"Windows 8 isn't totally hack-proof But Not as long as humans are writing the code"
Windows 8 Toughens Up
Despite all these protective features, malware attacks can still succeed in Windows 7. Windows 8 will block many such attacks by toughening up at the very deepest level—memory allocation. Many low-level memory functions have new safeguards in Windows 8.
source (pc mag) | credit (think digit)
Stay tuned For More Updates
comment 0 التعليقات:
more_vertsentiment_satisfied Emoticon