Jump to content
Tushman

Interesting article on Windows 8 security

Recommended Posts

I must be psychic these days. For some reason I felt there were some tremors in the IT world. So I went on Google and typed in "I.T. related news". It returned several links. I just so happened to click on the link that took me to Infoworld's main website. There I found a headline that caught my attention.

 

The article is written by Ellen Messmer but look who she quotes within the story.

 

Windows 8 brings malware improvements, says antivirus researcher.

 

With Windows 8, Microsoft is taking a distinctly different -- and likely far better -- approach to how anti-malware will run in comparison to earlier versions of Windows, says Aryeh Goretsky, researcher at antivirus software firm ESET. Microsoft's approach, called "Early Launch Anti-Malware," basically means the first software driver to be loaded into the Windows 8 OS upon its use will be the driver of the user's anti-malware software. This is a major change because "before, it was a 'no man's land,'" says Goretsky, meaning loading driver software on the user's machine was random and "a malicious device driver" could get there first, allowing the malware to trump the anti-malware and maybe turn it off.

 

Full article here.

  • Like 2

Share this post


Link to post
Share on other sites

You gotta be kidding me. Only 1 reply? Where is the love for Aryeh? C'mon you guys - it's Aryeh! not just some joe schmoe down the street who doesn't know what he's talking about.

  • Like 2

Share this post


Link to post
Share on other sites
:blink: Aryeh is a real person ?!?!? Edited by crp
  • Like 1

Share this post


Link to post
Share on other sites

Hello,

 

One hopes so, crp. One hopes so.

 

Regards,

 

Aryeh Goretsky

Share this post


Link to post
Share on other sites

Not only is Aryeh real, so is Dexter, his good dog. :whistling:

Edited by zlim
  • Like 3

Share this post


Link to post
Share on other sites
With Windows 8, Microsoft is taking a distinctly different -- and likely far better -- approach to how anti-malware will run in comparison to earlier versions of Windows, says Aryeh Goretsky, researcher at antivirus software firm ESET. Microsoft's approach, called "Early Launch Anti-Malware," basically means the first software driver to be loaded into the Windows 8 OS upon its use will be the driver of the user's anti-malware software. This is a major change because "before, it was a 'no man's land,"" says Goretsky, meaning loading driver software on the user's machine was random and "a malicious device driver" could get there first, allowing the malware to trump the anti-malware and maybe turn it off.

 

So what will that mean in real world choices for say someone who uses ESET NOD32 and Malwarebytes Anti-Malware for instance?

Share this post


Link to post
Share on other sites

Not only is Aryeh real, so is Dexter, his good dog. :whistling:

I thought that was a cat

Share this post


Link to post
Share on other sites

Hello,

 

AV-Test lists both ESET NOD32 Antivirus and ESET Smart Security as being compatible with Windows 8 here. I did not see anything listed for MBAM or any mention on Malwarebytes web site, but I would be surprised if they were not yet compatible.

 

Regards,

 

Aryeh Goretsky

 

 

So what will that mean in real world choices for say someone who uses ESET NOD32 and Malwarebytes Anti-Malware for instance?

 

Hello,

 

A slightly larger picture can be found at http://www.edexter.com/.

 

Regards,

 

Aryeh Goretsky

 

I thought that was a cat

  • Like 1

Share this post


Link to post
Share on other sites

Ah, so sorry to hear that Dexter is gone. After 17 years together, I'm sure you miss him.

Share this post


Link to post
Share on other sites

So sorry to hear about Dexter passing on. Losing a good friend of 17 yrs is no fun. We lost our good dog, Whitie after nearly 15 years, about the same time Dexter was born. It was a very hard thing.

Share this post


Link to post
Share on other sites

Hello,

 

Yes, I was just looking at some photos of Dexter. He was a very good dog.

 

Regards,

 

Aryeh Goretsky

Share this post


Link to post
Share on other sites

I'm so sorry to hear about Dexter, Aryeh.

 

Regarding compatibility, ESET products and MBAM (with multiple iterations of the name) are shown as compatible at the Windows 8 Release Preview Compatibility Center: Find Updates, Drivers, & Downloads.

 

ESET: http://www.microsoft...SearchTerm=ESET

 

MBAM: http://www.microsoft...rm=Malwarebytes

  • Like 1

Share this post


Link to post
Share on other sites

Excellent! :D I would assume that Microsoft Security Essentials would also be compatible? They will be bringing that forward too right?

Share this post


Link to post
Share on other sites

Hello,

 

In Windows 8, MSE has been rebranded as Windows Defender and is included with the operating system.

 

Regards,

 

Aryeh Goretsky

Share this post


Link to post
Share on other sites

I remember reading something about that. As long as you don't have any other antivirus, it remains active, but if you install one of your own, it deactivates or something like that, right?

 

Ah, wait, there is even a caveat on that as noted in this PCWord article:

 

Bear in mind that even though Microsoft will include Windows Defender in Windows 8, PC manufacturers may disable the program on new PCs that carry preinstalled antivirus software from a third-party such as Norton or McAfee. The preinstalled third-party antivirus options are usually limited-time trials, so your initial decision may be whether to keep any preinstalled antivirus; if you decide against keeping it, you'll need to decide whether to enable Windows Defender and use it or to switch to another third-party antivirus program.

 

More in the article.

 

They also do a comparison between the free antivirus software with their conclusion for Windows 8:

 

If your Windows 8 PC comes with a third-party antivirus preinstalled on it, you should first check the program's ranking; if it doesn't rank in the top four, consider opting out and using something else. As we've seen, the free antivirus built into Windows 8 should be easy to use and should provide excellent malware removal, but it will likely be relatively weak at detecting malware in the first place.

 

That's where a combination of Microsoft Security Essentials and updating and running Malwarebytes Anti-malware weekly or as needed if something seems odd with the system, would be a good secondary free (non-realtime) support to Microsoft Security Essentials for those who prefer a totally free solution.

 

 

For pay to play ones, this article on PCWorld suggests a list in order of best at the top Security Suites (it doesn't do antivirus only):

 

 

Personally, I like Microsoft Security Essentials (free alternative) or ESET NOD32 (pay-to-play alternative) and Malwarebytes Anti-malware along with free/pay-to-play WinPatrol, but that's just me.

Edited by LilBambi
  • Like 1

Share this post


Link to post
Share on other sites

Yes! For sure! But that's an inoculation, not a scanner. But yes, that is definitely in there as well as CCleaner for weeklies! ;)

Share this post


Link to post
Share on other sites

Hello,

 

Precisely. To quote from the white paper:

 

Many new computers purchased with Windows 8, however, will not have Windows Defender installed as their default anti-malware program. Many computer manufacturers ship their computers with a trial version of a commercial anti-malware program installed on them. This is because those manufacturers receive payments from the anti-malware vendors to pre-load the software onto the computers they sell 8. Computer manufacturers also receive a royalty when the computer user purchases a license for the trial product, and when the license is renewed. While the amount of revenue this generates from each individual is not huge—perhaps $15-to-30 USD—when multiplied over tens or hundreds of thousands of computers, it becomes millions of dollars in revenue that computer manufacturers get from anti-malware companies. Microsoft has made it easy for computer manufacturers to disable Windows Defender so that they may continue to receive payments from anti-malware vendors in exchange for bundling their anti-malware software 9, 10, 11.

 

One of the requirements from Microsoft for Windows 8 is that all anti-malware software should be able to cleanly install, disable and uninstall itself. In the past, switching anti-malware products under Windows has been problematic because some anti-malware solutions left files, drivers, processes, registry entries, services and other remnants on a system after they were uninstalled, which would cause various conflicts as well as compatibility and performance issues when new anti-malware software was installed. These changes for anti-malware software in Windows 8 should not only make it much easier for consumers and businesses to replace Windows Defender with other anti-malware software, but also to switch from one anti-malware program to another.

 

So, all antimalware programs which pass Microsoft's Windows 8 certification process should play nicely with each other in terms of uninstalling cleanly to allow the next program to take over the task of keeping the system clean.

 

Oh, and in demi-related discussion, ESET announced their Windows 8 support plans here in a blog post.

 

Regards,

 

Aryeh Goretsky

 


9 Keizer, Gregg. “Windows 8’s built-in AV to be security of last resort.” Security News. 4 Jun. 2012. ComputerWorld. https://www.computer..._of_last_resort

10 Bright, Peter. “Windows 8’s built-in antivirus will put third-party products first.” Technology Lab. 4 Jun. 2012. Ars Technica. http://arstechnica.c...products-first/

11 Kingsley-Hughes, Adam. “Microsoft’s Compromise on Windows 8 Security Leaves Consumers Vulnerable.” Forbes Tech Blog. 8 Jun. 2012. Forbes Media, LLC. http://www.forbes.co...ers-vulnerable/

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...