HomeEnterprise Apps

Microsoft Details Security Features of New Windows 8 OS

CIO Insight Staff
By CIO Insight Staff
Updated on:

Microsoft is detailing some of its security procedures for Windows 8.

Key to Windows 8’s platform integrity architecture is its UEFI (Unified Extensible Firmware Interface), a set of specifications for how the operating system communicates with platform firmware during the boot-up process. UEFI features a firmware validation process known as secure boot, which dictates how that firmware manages security certificates, firmware validation, and the like.

“Microsoft’s platform integrity architecture creates a root of trust with platform firmware using UEFI secure boot and certificates stored in firmware,” Tony Mangefeste, a member of the Windows Ecosystem team, wrote in a Sept. 22 posting on the Building Windows 8 blog. “With Windows 8’s secured boot architecture and its establishment of a root of trust, the customer is protected from malicious code executing in the boot path by ensuring that only signed, certified known good code and boot loaders can execute before the operating system itself loads.”

In theory, UEFI secure boot will allow machines running Windows 8 to sidestep a current vulnerability in many PCs, namely that the pre-operating system environment is vulnerable to malicious loaders redirecting the boot loader handoff.

“For Windows customers, Microsoft is using the Windows Certification program to ensure that systems shipping with Windows 8 have secure boot enabled by default,” Mangefeste added. Windows Certification will also ensure that firmware not allow programmatic control of secure boot (to prevent malware from disabling security policies in firmware), and that OEMs prevent unauthorized attempts at updating firmware that could compromise system integrity.  

During the BUILD conference earlier in September, Windows and Windows Live division President Steven Sinofsky demonstrated Windows 8’s security measures by having a fellow executive plug a USB with a rootkit virus into the port of a tablet running the operating system. The device failed to boot up and compromise the system.

To read the original eWeek article, click here: Microsoft’s Windows 8 Security Includes UEFI Secure Boot

Previous article
Seattle Children’s Hospital’s Latest IT Project Meets with Universal Acceptance
Next article
9 Questions Every CIO Wants to Ask Apple’s Tim Cook
CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Related Articles

CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need to maintain regulatory compliance for their teams and organizations. CIO Insight is an ideal website for IT decision makers, systems integrators and administrators, and IT managers to stay informed about emerging technologies, software developments and trends in the IT security and management industry.

Advertisers

Advertise with TechnologyAdvice on CIO Insight and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.