Risk
9/20/2012
03:55 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Want Better Security? Get Windows 8

The new OS and Internet Explorer 10 protect applications and limit the fallout of exploits.

InformationWeek Green - September 24, 2012
InformationWeek Green
Download the entire Sept. 24, 2012, issue of InformationWeek, distributed in an all-digital format as part of our Green Initiative
(Registration required.)
We will plant a tree for each of the first 5,000 downloads.

Here Comes Windows 8

Windows 8 and Internet Explorer 10 may prove to be Microsoft's most secure OS and browser to date. The company began repairing its dismal reputation for security with Windows 7; this latest version takes significant steps to provide a more secure operating environment for PCs. Our advice? Upgrade desktops and laptops as soon as you can, especially if you're among the 20% of respondents to our latest InformationWeek Windows 8 Survey still clinging to Windows XP--a bad plan for multiple reasons.

Leading the list of improvements driving us to make this recommendation: enhanced application controls via a platform named AppContainer, in which Microsoft borrows a page from the mobile OS security playbook by forcing application developers to explicitly define what an app is allowed to do. Microsoft also introduces or enhances other security features, including a robust anti-malware package that comes standard with the OS--and must be giving antivirus vendors agita--and a new feature to make passwords easier to remember but harder for attackers to crack.

However, the most significant security change we see in Windows 8 is not so much the actual features; it's Microsoft's mindset. The Win 8 security paradigm is built around applications, particularly those that run in browsers. To that end, Internet Explorer 10 for Windows 8 includes some significant security upgrades, a welcome development because most attacks that target users come from the Web.

Of particular note is AppContainer, an aggressive application permission configuration feature introduced in IE10. AppContainer functions similarly to application sandboxing on mobile operating systems, such as iOS and Android. Under AppContainer, a developer must produce a manifest file that links directly to the application and defines what it can and cannot do. For instance, a developer might indicate on a manifest that an application can initiate outbound connections to the Internet, but it can't receive an incoming connection. If that application is subsequently exploited, and the exploit instructs the application to open a port for an inbound communication, the Windows 8 kernel will prevent the port from opening, thus limiting potential damage.

There are many other permissions within the AppContainer model, including the ability to instruct that an app may talk only to the Internet and not the local network, or vice versa, or decide which Windows 8 libraries, such as music, videos, pictures, or even removable storage, the app can access. We expect Microsoft to add more options for AppContainer in subsequent releases and service packs.

To read the rest of the article,
Download the Sept. 24, 2012, issue of InformationWeek

Our full report on Windows 8 and security is available free with registration.

This report includes 21 pages of action-oriented analysis with 13 charts. What you'll find:
  • Detailed analysis of new and enhanced security features
  • Exclusive survey results
Get This And All Our Reports


Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
9/25/2012 | 7:41:37 AM
re: Want Better Security? Get Windows 8
"The new OS and Internet Explorer 10 protect applications and limit the fallout of exploits." - As can be clearly seen by the security patches already available for the OS that isn't even available for the general public.

And why the heck do you make people download an entire digital issue just to read the rest of one article?
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: So...are we supposed to be the elves or the reindeer?
Current Issue
Five Things Every Business Executive Should Know About Cybersecurity
Don't get lost in security's technical minutiae - a clearer picture of what's at stake can help align business imperatives with technology execution.
Flash Poll
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Dark Reading Strategic Security Report: The Impact of Enterprise Data Breaches
Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Security researchers are finding that there's a growing market for the vulnerabilities they discover and persistent conundrum as to the right way to disclose them. Dark Reading editors will speak to experts -- Veracode CTO and co-founder Chris Wysopal and HackerOne co-founder and CTO Alex Rice -- about bug bounties and the expanding market for zero-day security vulnerabilities.