I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impression of the upcoming Windows 8 (expected mid 2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers where Windows 8 made its first official appearance. You can see my real-time tweets and observations from the conference on Twitter under @nmacdona.
Like Windows 7, Windows 8 will continue to raise the bar in terms of security capabilities of the base OS. Here’s a list I compiled of the new capabilities:
- Antimalware protection built into the OS – basically Microsoft Security Essentials (beyond just the Windows Defender included with Windows 7)
- Earlier loading of security protection in the boot process to thwart rootkits and other boot-level malware
- File reputation services (SmartScreen) – was included with IE9, now expanded to protect the entire OS.
- Root of trust measurements of the OS based on UEFI – if we need this for hypervisors, why not all OSs? Microsoft has had something similar with BitLocker using TXT and has now extended this to all versions.
- Windows Refresh – to restore Windows back to a known good state, while preserving end user personalization, enabling Systematic Workload Reprovisioning.
- Windows now supports boot from USB – quite useful in specific scenarios. Combined with BitLocker and root of trust measurements, this becomes a way to place an unknown terminal device into a high assurance state.
For the new “Metro Style” side of Windows 8 (the WinRT side), it is clear that the security model of Apple and the iPhone/iPad has had an impact:
- Reduced rights and strengthening of mandatory integrity controls of the OS.
- Metro-style applications can only be delivered through the Microsoft application store which now includes security testing (a form of implicit whitelisting).
- Sensitive API access is proxied through a security policy enforcement mechanism which validates the application’s right to use them
- “Picture Password” as a touch-native way of authenticating yourself to Windows 8
Overall, Windows 8 provides evolutionary, not revolutionary, improvement in security capabilities and raises the bar for what an OS should deliver in security protection.