Microsoft details its security improvements for Windows 8

By Tom Warren, on 15th Sep 11 9:15 pm with 30 Comments

Microsoft revealed on Thursday a set of security improvements built into Windows 8.

Windows 8 will include an array of security features to better protect end users against a variety of online threats. Microsoft is beefing up its Windows Defender solution to include improved protection for a range of malware. “The improvements to Windows Defender will help protect you from all types of malware, including viruses, worms, bots and rootkits,” said Microsoft’s Jason Garms in a blog post on Thursday.

Microsoft will deliver the same set of malware signatures via Windows Update. Defender will now include real-time detection and protection from malware using a file system filter. Defender will also interface with Microsoft’s secure boot technology in Windows 8. Windows PCs with UEFI-based secure boot will be able to take advantage of Microsoft’s Windows security to ensure firmware and firmware updates all remain secure. Microsoft is able to achieve this by loading only properly signed and validated code during boot. “This helps ensure that malicious code can’t load during boot or resume, and helps to protect you against boot sector and boot loader viruses, as well as bootkit and rootkit malware that try to load as drivers,” said Garms.

Microsoft has overhauled the Windows Defender user experience too. Updates will no longer continually pop up, a user will simply be reminded that their PC is going to restart soon with a message in the lower right of the Metro interface. The performance of Windows Defender has also been greatly improved. Microsoft is doing some important work in Windows 8 as a whole and Defender adds only 4% CPU use to boot time. The improvements will also result in improved battery life as defender consumes less power.

Despite the improvements to Defender, Microsoft says it’s also working with other security vendors to ensure their apps are also improved with Windows 8. “We’re continuing to work with antimalware partners during the Windows 8 development process so you have the best possible Windows PC experience no matter what antimalware solution you choose,” said Garms.

Windows 8 application warning

The final piece of Microsoft’s security puzzle is the improvement in SmartScreen filtering for Windows and Internet Explorer. Microsoft has extended its browser technology to Windows as a whole. Windows 8 will now protect end users by checking applications and URLs against reputation-based database. The technology appears to be working on existing solutions. “Telemetry data shows 95% of Internet Explorer 9 users are choosing to delete or not run malware when they receive a SmartScreen application reputation warning,” revealed Garms. Windows 8 will warn users against apps that have little to no reputation or are a risk. “We’ve seen dramatic results with this approach in Internet Explorer,” said Garms. “We’re happy to bring it to a broader set of Windows scenarios.”

  • Anonymous

    So I guess this means that Microsoft Security Essentials is no longer necessary in Windows 8?

    • Anonymous

      Windows Defender IS Microsoft Security Essentials. a little changed, with a UI like MSE 1, but its the same but rebranded.

    • Johnwr29938

      Actually, it’s not (atleast on Win vista/7). Windows defender came from Giant antispyware, and as you can guess, it’s primarily against spyware. MSE is a full-blown antivirus + antispyware. From what I can gather, Windows defender in win 8 will give full protection like MSE.

    • Anonymous

      That’s what the previous commenter was saying.

    • Johnwr29938

      aah, I misread that post then.

    • http://pulse.yahoo.com/_KTAHVKS2RNDWTQPHQEJALLRNEQ Adam Paris

      LOL

    • Guest

      Yes, if you dig around the Windows 8 DP in Control Panel, the Defender UI is now very similar to Security Essentials on Vista/7.  The Action Center shows Defender as providing virus protection.   Perhaps Defender is just a catchier name than Windows Security Essentials and the time has come for Windows to ship with AV.

    • Guest

      Yes, if you dig around the Windows 8 DP in Control Panel, the Defender UI is now very similar to Security Essentials on Vista/7.  The Action Center shows Defender as providing virus protection.   Perhaps Defender is just a catchier name than Windows Security Essentials and the time has come for Windows to ship with AV.

  • Delta470

    It’s going to be baked into the OS from what I’ve heard on here and from the build conference.

  • Omar Noriega

    So no more need to have an antivirus?

    • Dingo

      no, but they can’t say it that way (antivirus companies need to make a living) :)

    • Tom

      Exactly.

      The antivirus “partners” can rot in hell for all the trouble they’ve caused.  I once cut someone’s shutdown time from 10 *minutes* to a few seconds by uninstalling Norton.  That’s how bad it was.  No popups.  No logging.  No information.  Just agonizing shutdown times.

      And if the European Union doesn’t like the bundling, then their computers can just run slower than everyone else’s.

  • Frylockns86

    Windows SmartScreen should simply prevent EXEs from running and also NOT give the user to “run anyway”.

    When all people do is just click through prompts *regardless* of what is says, the feature is simply not useful in preventing malware.

    • Frylockns86

      If not, at least the Windows SmartScreen warning prompt should be red, NOT green!

    • Guest

      Uh no. Red if something bad happened. In this case everything is still a go! ie: Green

    • Frylockns86

      That message is pretty much warning the user they’re about to install malware. It should be red to catch their attention. With a dull color like that green, and they’re just going to ignore the prompt and continue anyway.

    • Reply

      I don’t think that’s quite right. This is a warning that the app, and/or publisher, lacks credibility, not that it’s malware.         …well that’s what I gathered from the blog post anyway

    • Pinna

      Than make it yellow or orange :D – But I think it’s the theme color

    • Anonymous

      Not really, a red message that tells you you’re safe? Nah.

    • http://twitter.com/tuvok89 tuvok

      Maybe they should add a timer so that you can only proceed after 3 sek which is more likely to make people read whats on the screen …

    • Anonymous

      That is it, most users simply click on anything to “get that shit off the screen” without bother to read anything.

    • Frylockns86

      Exactly why I suggested the prompt be red instead of green. I think the red helps users stop and actually read what is on the screen. A soft smooth color like the green that was shown, is only going to deter users from reading the prompt and go straight for the “run anyway” button.  

    • GP007

      There are times it could bring up something as a false-positive that I myself know is fine and I want to run anyways.  I should still have that option somewhere.

  • The Black Mamba

         While I am all excited with the plethora of features that are coming, well promised to come, with windows 8. We as users should worried about other company trying to depict those deep integratation as anti-competitive thus leading to another microsoft antitrust charge. think about a security system that is implemented throughou the whole system. No other anti-virus will be able to duplicate and offer such high level of security. Personally, I dont use no other antivirus except MSE, so I won’t be missing any other antivirus although there should still be here as an option.

  • Miro

    so it’s 2011, the registry is still there AND they still haven’t sandboxed all apps to stay in their own environment!!! I’m starting to consider giving up on MS

    • http://twitter.com/mcakins McAkins Online

      AND how many OS software have you written if O may ask? Go write a better OS without registry, and do us all a favour; or just quit trolling already.

    • Anonymous

      No registry in Linux, and it runs rings around Windows in the server space…

    • http://www.facebook.com/Michiel.Papp Michiel Papp

      except when you use it in an office enviorment where linux sucks. Have fun trying out obscure commands while i dissable external usb drives in group policy :p

      (litterly what i’m doing right now :p)

    • Test1ngi23

      LOL. Just in case you didn’t know, registries and the command line are two completely different things and have nothing to do with each other.

      Yes, Linux command line is harder than Windows GUI, but that has nothing to do with Linux’s lack of a registry.

    • Anonymous

      As I said, server space… On the desktop, Linux is… well… shit.