Hey frenzz...
Future operating system from Microsoft is a step forward in terms of security, said Chris Valasek (Chris Valasek), senior research specialist in the security company Coverity. He is exploring new mechanisms to protect Windows 8 in the fall of last year.
Windows 8 is different from Windows 7, the radical changes in design, but the operating system kernel remained virtually unchanged. Valasek said that between Windows 8 and Windows 7 is less difference than between XP and Vista. The only major innovation in the "eight" was the introduction of technology against malicious software. The specialist calls the new memory management system, namely the Windows Heap Manager, and Windows Kernel Pool Allocator, which considerably complicate the use of buffer overflow vulnerabilities.
These systems did not help reduce the number of vulnerabilities in the system, but an order of magnitude complicate their use for practical purposes, and this is the right approach: "It would be naive to believe that new vulnerabilities will not" - said Valasek.
In addition, another important change is the new sandbox. Applications to Windows 8 will be controlled much more tightly than before, which represents another line of defense against malware, penetrated into the system: "The new App Container gives the operating system to more accurately control the rights of individual applications, instead of using a broad concept of Integrity Levels, which appeared in Windows Vista / 7. "
Windows 8 comes with a new version of Internet Explorer 10, which will be disconnected from a third party plug-ins such as Flash and Java. But even if the majority of users will include these plugins back, exploits will make its way through the randomization of memory - another line of defense against new malicious code on Windows 8.
About UEFI reliability and efficiency of hardware-software digital signatures Valasek said nothing, because this issue was not included in the scope of his investigation. Last month he was engaged in reverse engineering Windows Heap Manager, analyzing executable files with a disassembler IDAPro.
Progress Report Valasek present in the presentation of "Windows 8 Heap Internals" on the Black Hat conference in Las Vegas, July 25, 2012
0 comments:
Post a Comment