Windows 8: FUD* for thought

[Nytro]

Windows 8: FUD* for thought

*Fear, Uncertainty, Doubt

Aryeh Goretsky, MVP, ZCSE

Table of contents
Introduction 3
Defender of the faith 4
Giving rootkits the boot 5
Nuts and bolts 6
Microsoft draws a line in the silicon 7
Sending criminals on the ELAM 8
To mend and defend 9
The evolution of evil 9
Attacking Windows 8 10
Social engineering: a hidden flaw? 10
Sensory (mis)perception 10
Developers: the new targets of opportunity? 11
Summing it all up/Windows 8 by the numbers 12
Author bio 14
About ESET 14

Introduction

In September of 2011, Microsoft released the first public preview of Windows 8, the next generation of their flagship desktop

operating system, at the BUILD Developer Conference 1, 2. Despite a flurry of pre-Microsoft leaks, interest in Windows 8

remained high, and the official release of the Windows 8 Developer Preview received a groundswell of attention in blogs,

articles and elsewhere. A subsequent release, titled Consumer Preview, was released at the end of February 2012. While it

contained some GUI changes, such as removal of the Start button from the taskbar, most of the changes to it were internal.

Three months later, at the end of May, the Release Preview of Microsoft Windows 8 was released, with the user interface,

feature set and APIs being close to (if not already) final. Much of the interest in Windows 8 focuses on cosmetic changes, such

as the new modern Windows 8 interface (formerly known as the Metro user interface) and replacement of the Start Menu

with the Start Screen, but substantial improvements have been made to Windows security, as well. In this white paper, we

will look at some of these changes, and what they mean to Windows 8’s users.

Defender of the faith

One of the most widely discussed features of Windows 8 is the inclusion of Windows Defender with the new operating

system. While this is not a new tool—Windows Defender has been included with all versions of Windows since Vista was

released in 2005—previous versions of Windows Defender were limited to protecting users against spyware. The version of

Windows Defender included with Windows 8 is actually a rebadged version of Microsoft Security Essentials, which has led

at least one prominent journalist to predict the end of antivirus software, or at least those from third parties 3. If that refrain

sounds familiar, it may be because you have heard it before: similar predictions were bandied about when it was announced

that Windows Vista would include Windows Defender 4, 5, 6 and a raft of new security features, such as User Account Control 7,

a Microsoft implementation of a least-privilege model for users.

Windows Defender as included with Windows 8 is a good product and does, in fact, provide a decent level of protection,

especially when compared against other free anti-malware programs. However, Windows Defender does not contain many

of the advanced features and functions of paid-for solutions, such as a high level of granularity for threat detection, task

scheduling, centralized management and reporting and so forth. As with other free anti-malware programs, support options

for Windows Defender are limited.

Many new computers purchased with Windows 8, however, will not have Windows Defender installed as their default antimalware

program. Many computer manufacturers ship their computers with a trial version of a commercial anti-malware

program installed on them. This is because those manufacturers receive payments from the anti-malware vendors to preload

the software onto the computers they sell 8. Computer manufacturers also receive a royalty when the computer user

purchases a license for the trial product, and when the license is renewed. While the amount of revenue this generates from

each individual is not huge—perhaps $15-to-30 USD—when multiplied over tens or hundreds of thousands of computers, it

becomes millions of dollars in revenue that computer manufacturers get from anti-malware companies. Microsoft has made

it easy for computer manufacturers to disable Windows Defender so that they may continue to receive payments from antimalware

vendors in exchange for bundling their anti-malware software 9, 10, 11.

------------------------------------------------------------------

Download:

http://go.eset.com/us/resources/white-papers/ESETNA_WP-Windows8-FUD.pdf

[TheTime]

The version of Windows Defender included with Windows 8 is actually a rebadged version of Microsoft Security Essentials, which has led at least one prominent journalist to predict the end of antivirus software, or at least those from third parties 3

Asa ceva nu se va intampla niciodata, o industrie atat de mare (si profitabila) nu dispare pur si simplu. Intotdeauna vor exista oameni care prefera sa pirateze win8, sa dea disable la automatic updates (deci windows defender nu va mai fi up to date), dar sa cumpere o licenta a unui antivirus 3rd party.

In plus, win8 nu va detine majoritatea pe piata OS-urilor. Cel putin nu prea curand.

Si, in caz de forta majora, companiile antivirus si-ar crea singure virusii care sa le readuca in prim plan, asa cum se zvoneste ca s-ar mai fi intamplat si in trecut.

Acel jurnalist era beat, sau poate doar ar trebui sa-si dea cu parerea despre un alt domeniu.