Kernel crimps make Windows 8 a hacker hassle (The Register)
Windows 8 will make hackers' lives hard, says Windows internals expert, security researcher and co-author of the open source Windows XP clone ReactOS Alex Ionescu.
Now chief architect at CrowdStrike, a security company focused on nation-state adversaries, Ionescu says Windows 8 builds on the usermode exploit mitigations introduced into Windows Vista and 7 with new approaches to security that attempt to mitigate kernel mode attacks.
Ionescu will outline those new defences at the Ruxcon Breakpoint security conference in Melbourne, Australia, next week.
He'll tell the audience that many pathways to exploitation will be sealed off in the latest Windows release. "As usermode's been getting tighter and tighter to attack and as in the Windows case more and more services have been moved to the kernel, it's become quite a target … and the rewards are quite great," Ionescu says. "It'll be interesting to see how attackers deal with the new landscape [after the release of Windows 8]."
That Windows will be targeted is hard to doubt, given that in the past hackers have treated security in Microsoft's flagship as an unmitigated joke. Writing exploits for Windows XP was extremely easy and the resulting boom in malware affecting Windows users was unprecedented. But companies like Microsoft and Adobe have made significant headway in recent years by introducing exploit mitigations to their products.
That's not to say the vulnerabilities have all gone away, but features like application sandboxing, Data Execution Prevention (DEP) and Address Space Layout Randomisation (ASLR) make them difficult to exploit.
Microsoft's efforts started taking shape around 2004, when Service Pack 2 for Windows XP was released. It introduced a basic firewall to the operating system and pestered users into installing anti-virus software and opting for automatic OS updates.
Next came Vista with its much-loathed UAC feature and some basic memory mitigations like DEP and ASLR, with those features tweaked and carried over into Windows 7. All of a sudden, exploiting bugs on current-generation Windows became significantly harder and the number of usable exploits dropped off. The deluge, today, looks more like a trickle.
READ THE REST OF THIS PIECE AT THE REGISTER.