Windows 8 RT To Have Great Anti-Malware Features

While attending MS TechEd 2012 in Orlando, FL a few bits and pieces of information keep coming out. Windows 8 RT; the Windows 8 version that will run in ARM processors, will be aimed at lighter-and-better-battery-life… but that is not all… one item explained in great technical detail at one of the sessions was the long overdue replacement of the Master Boot Record.

The MBR originated in the late 1970’s and it what the computer uses to hand over control of the boot-up process from the BIOS in the hardware to the software in storage. While the old MBR process ultimately works, it is the root cause for a lot of malware injecting itself into the computer before the OS loads and can detect it. In the MBR world, whoever loads first can decide what later components are to load… So, many malware programs do this in order to choose not to load a preventive software (or even worse, loads an infected version).

Enter Windows 8, the boot-up process will include different forms of this secure-anti-malware process called UEFI, which is an open and independent standard that requires certification. In Windows 8 RT the process will be called Trusted Boot. UEFI’s Trusted Boot will execute a series of validations and checks on the program that is asking control for the next step. If the process passes validation, then it knows it is OK to continue and that the booting process has not been compromised. In addition to this, it moves the loading of the anti-malware process at an earlier stage so that it can prevent malware from affecting the PC. So far, it would be a great enhancement to Windows PCs, but what happens when the process does not pass validation? Here is the great thing about this process, it will simply replace the bad-malware-affected program with a safe-checked-and-validated copy of it giving Windows 8 a self-healing ability against boot-process malware!

This is very bad news for black-hat hackers and malware coders, but it is awesome news for users.

For regular Intel/AMD Windows 8 PCs, this process will be supported only on devices that support UEFI boot-up. Legacy hardware cannot be updated to support the whole change, but will have firmware updates that will adopt some of these principles. If you are planning on buying a Windows 8 ARM device you are going to be much more protected than upgrading from an older Windows PC or Tablet.


This post has been viewed 72144 times.

About Diego Samuilov

Editor in Chief/Founder Diego Samuilov is an executive, consultant, IT strategist and book, e-book and web published author. Diego has worked in Microsoft’s environments since 1990. Since then, he has successfully filled many positions related to the Software Development lifecycle. Having worked as a developer, analyst, technical lead, project lead, auditor and, since 1996 a project manager, manager, director and VP in the Software Development, Server, Desktop and Mobile environments. Diego is very passionate about the software development process, which has played a great part in his skills development. Since the introduction of the first ever PDA (the Apple Newton MessagePad) in 1994 and Windows CE in 1998 he has pioneered and pushed the envelope in the field of mobile software development. He has developed many solutions used in mobile markets, desktop and server environments. He participates in public and private developer community events. He actively collaborates with the community at support forums and blogs. Diego is the author of "Windows Phone for Everyone" available [HERE].