Risk
9/20/2012
03:55 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Want Better Security? Get Windows 8

The new OS and Internet Explorer 10 protect applications and limit the fallout of exploits.

InformationWeek Green - September 24, 2012
InformationWeek Green
Download the entire Sept. 24, 2012, issue of InformationWeek, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree for each of the first 5,000 downloads.

Here Comes Windows 8

Windows 8 and Internet Explorer 10 may prove to be Microsoft's most secure OS and browser to date. The company began repairing its dismal reputation for security with Windows 7; this latest version takes significant steps to provide a more secure operating environment for PCs. Our advice? Upgrade desktops and laptops as soon as you can, especially if you're among the 20% of respondents to our latest InformationWeek Windows 8 Survey still clinging to Windows XP--a bad plan for multiple reasons.

Leading the list of improvements driving us to make this recommendation: enhanced application controls via a platform named AppContainer, in which Microsoft borrows a page from the mobile OS security playbook by forcing application developers to explicitly define what an app is allowed to do. Microsoft also introduces or enhances other security features, including a robust anti-malware package that comes standard with the OS--and must be giving antivirus vendors agita--and a new feature to make passwords easier to remember but harder for attackers to crack.

However, the most significant security change we see in Windows 8 is not so much the actual features; it's Microsoft's mindset. The Win 8 security paradigm is built around applications, particularly those that run in browsers. To that end, Internet Explorer 10 for Windows 8 includes some significant security upgrades, a welcome development because most attacks that target users come from the Web.

Of particular note is AppContainer, an aggressive application permission configuration feature introduced in IE10. AppContainer functions similarly to application sandboxing on mobile operating systems, such as iOS and Android. Under AppContainer, a developer must produce a manifest file that links directly to the application and defines what it can and cannot do. For instance, a developer might indicate on a manifest that an application can initiate outbound connections to the Internet, but it can't receive an incoming connection. If that application is subsequently exploited, and the exploit instructs the application to open a port for an inbound communication, the Windows 8 kernel will prevent the port from opening, thus limiting potential damage.

There are many other permissions within the AppContainer model, including the ability to instruct that an app may talk only to the Internet and not the local network, or vice versa, or decide which Windows 8 libraries, such as music, videos, pictures, or even removable storage, the app can access. We expect Microsoft to add more options for AppContainer in subsequent releases and service packs.

To read the rest of the article,
Download the Sept. 24, 2012, issue of InformationWeek

Our full report on Windows 8 and security is available free with registration.

This report includes 21 pages of action-oriented analysis with 13 charts. What you'll find:
  • Detailed analysis of new and enhanced security features
  • Exclusive survey results
Get This And All Our Reports


Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
9/25/2012 | 7:41:37 AM
re: Want Better Security? Get Windows 8
"The new OS and Internet Explorer 10 protect applications and limit the fallout of exploits." - As can be clearly seen by the security patches already available for the OS that isn't even available for the general public.

And why the heck do you make people download an entire digital issue just to read the rest of one article?
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: " I think Google Doodle is getting a little out of control"
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.