Kernel crimps make Windows 8 a hacker hassle (The Register)
Windows 8 will make hackers' lives hard, says Windows internals expert, security researcher and co-author of the open source Windows XP clone ReactOS Alex Ionescu.
Now chief architect at CrowdStrke, a security company focused on nation-state adversaries, Ionescu says Windows 8 builds on the usermode exploit mitigations introduced into Windows Vista and 7 with new approaches to security that attempt to mitigate kernel mode attacks.
Ionescu will outline those new defences at the Ruxcon Breakpoint security conference in Melbourne, Australia, next week.
He'll tell the audience that many pathways to exploitation will be sealed off in the latest Windows release. "As usermode's been getting tighter and tighter to attack and as in the Windows case more and more services have been moved to the kernel, it's become quite a target … and the rewards are quite great," Ionescu says. "It'll be interesting to see how attackers deal with the new landscape [after the release of Windows 8]."
That Windows will be targeted is hard to doubt, given that in the past hackers have treated security in Microsoft's flagship as an unmitigated joke. Writing exploits for Windows XP was extremely easy and the resulting boom in malware affecting Windows users was unprecedented. But companies like Microsoft and Adobe have made significant headway in recent years by introducing exploit mitigations to their products.
That's not to say the vulnerabilities have all gone away, but features like application sandboxing, Data Execution Prevention (DEP) and Address Space Layout Randomisation (ASLR) make them difficult to exploit.
Microsoft's efforts started taking shape around 2004, when Service Pack 2 for Windows XP was released. It introduced a basic firewall to the operating system and pestered users into installing anti-virus software and opting for automatic OS updates.
Next came Vista with its much-loathed UAC feature and some basic memory mitigations like DEP and ASLR, with those features tweaked and carried over into Windows 7. All of a sudden, exploiting bugs on current-generation Windows became suddenly significantly harder and the number of usable exploits dropped off. The deluge, today, looks more like a trickle.
READ THE REST OF THIS PIECE AT THE REGISTER.
Putting your life in TBB's hands is maybe not so wise...5 days 1 min ago
Not a crazy amount of news this week, but some cool stuff nonetheless...5 days 8 min ago
PLUS: Cylance CEO Stuart McClure on the OPM hack...1 week 5 days ago
Lots of good stuff this week...1 week 5 days ago
Mark Piper joins Risky Business with the week's security news...2 weeks 5 days ago