programming4us

Security and Windows 8: Keeping Your PC Safe (part 1) - Windows Defender, Boot-Time Security

12/4/2014 7:58:08 PM

While Mac partisans and tech pundits like to present a tortured view of how difficult it is to secure a Windows PC, the truth is far less dramatic. Prior to Windows 8, there were a few simple steps you could take to technically secure your PC—enabling automatic updates and installing an antivirus solution—and that, combined with some good old-fashioned common sense, was all that was required.

In Windows 8, you’ll be ecstatic to know, it’s even easier.

Under the hood, of course, Microsoft’s decades-long commitment to system security continues. This version of Windows includes the same anti-malware technology, firewall, User Account Control, and other security features that made Windows 7 the most secure version of Windows yet. And then they turned it up a notch by adding two crucial new features: Antivirus is now included in the OS, finally, so you won’t need to add that separately. And the SmartScreen protection feature that the company debuted in Internet Explorer 9 is now part of Windows, so you’re protected even if you use competing browsers.

Windows Defender

Microsoft has included an integrated anti-spyware and anti-malware solution called Windows Defender since Windows Vista. Defender was good at what it did—in fact, most Windows users simply aren’t even aware of its existence, which is proof of its efficiency—but it’s always been lacking one crucial feature: It didn’t include antivirus functionality. So we recommended an external and free utility called Microsoft Security Essentials (MSE) for this purpose: MSE looked and worked just like Defender, but it added that one crucial feature, completing the Windows security picture.

Now, Windows Defender includes the same antivirus functionality that used to be part of Microsoft Security Essentials. It’s built into Windows 8, it’s enabled by default, and you get it for free, just for buying into Windows 8.

This is exciting because both of us have used MSE for years, and we trust it to protect not only our own PCs, but more crucially those of our families and friends. And we’ve experienced no major issues yet. Not once.

So our advice is simple. Assuming you’re not spending your time in the nether regions of the web, downloading illegal software and goodness knows what else, Windows Defender is enough. It’s lightweight and quiet, and it won’t bother you with annoying pop-up dialogs. You won’t need other security applications or even more expensive security suites. You know, assuming that common sense is employed.

TIP: Okay, there is one more thing you can continue doing from time to time: Use a second anti-malware utility. (You should never use two antivirus solutions, however, because they will interfere with each other.) It’s not necessary to leave the second anti-malware utility running in real time, but it’s a good idea to run it once in a while, just to make sure something hasn’t slipped by.

But we know you want to know a bit more about Windows Defender.

Shown in Figure 1, Windows Defender has a simple interface. From here, you can trigger a malware and virus scan, check for updates, view the history of Defender’s activities, or access various options. It works just as Defender did in Windows 7, except that it’s now checking, in real time, for viruses as well as spyware and other malware.

Figure 1: Windows Defender


There’s not a heck of a lot to do here. Configured properly, Defender’s real-time protection against viruses and malware will be enabled, and its virus and malware definitions—part of its ability to detect errant software—should be up to date. You can manually update the definitions from the Update tab, but it’s unlikely there’s an issue here unless the PC has been offline for weeks or longer.

Potentially harmful items that have been found are cataloged on the History tab. Here, you’ll see different buckets for quarantined, allowed, and all detected items. If there are any items here, you can further remediate them if you’d like—perhaps by removing them entirely—but there’s usually no reason to bother.

The Settings tab has, as expected, a number of configuration options and is worth looking at. For example, you can configure Defender to scan removable drives during a full scan. This is desirable if you regularly use an external disk, like a USB hard drive, when you’re home. You can also configure Defender to automatically remove quarantined items after a set time period—by default it does nothing—and determine whether to participate in Microsoft’s Active Protection Service, or MAPS, which is used to make Defender more effective for everyone. Do your part: We recommend at least a basic membership.
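The state shown on the Update and Settings tabs can also be read from PowerShell. The following is an added example, not part of the original article; it assumes the Defender PowerShell module (Get-MpComputerStatus and Get-MpPreference, shipped with Windows 8.1 and later), and the function name and seven-day threshold are illustrative choices.

```powershell
# Added example: report Defender settings that differ from the advice in this section.
# Assumes the Defender module is present (Windows 8.1 and later).
function Get-DefenderBaselineFindings {
    param(
        [int]$MaxSignatureAgeDays = 7   # illustrative threshold, not a Microsoft default
    )

    $status   = Get-MpComputerStatus    # live protection state
    $prefs    = Get-MpPreference        # configured options (Settings tab)
    $findings = New-Object 'System.Collections.Generic.List[string]'

    if (-not $status.AntivirusEnabled) {
        $findings.Add('Antivirus protection is not enabled')
    }
    if (-not $status.RealTimeProtectionEnabled) {
        $findings.Add('Real-time protection is turned off')
    }
    if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings.Add("Virus definitions are $($status.AntivirusSignatureAge) days old " +
                      "(last updated $($status.AntivirusSignatureLastUpdated))")
    }
    if ($prefs.DisableRemovableDriveScanning) {
        $findings.Add('Removable drives are skipped during a full scan')
    }
    if ($prefs.QuarantinePurgeItemsAfterDelay -eq 0) {
        # 0 means quarantined items are kept indefinitely (the default behavior)
        $findings.Add('Quarantined items are never removed automatically')
    }
    if ($prefs.MAPSReporting -eq 0) {
        # 0 = disabled, 1 = basic membership, 2 = advanced membership
        $findings.Add('MAPS participation is disabled')
    }

    return $findings
}

$result = Get-DefenderBaselineFindings
if ($result) { $result | ForEach-Object { Write-Warning $_ } }
else         { Write-Output 'Defender matches the settings recommended in this section.' }
```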

Boot-Time Security

Windows Defender, like its predecessor, is great at what it does. But there’s one problem with an integrated antivirus and anti-malware solution like Defender, and that is that Windows 8 must be running for it to work. There are certain situations in which you may wish to secure your PC’s hard disk—such as when it’s booting—or need to run a security scan against the hard disk when Windows isn’t running. And while one might argue that these capabilities aren’t technically Windows 8 features per se, you need to know about them.

First, as PCs have become more sophisticated, the architecture on which Windows runs has evolved. And one of the biggest changes that Windows 8 has been designed to accommodate is the long overdue switch from the primitive BIOS (basic input/output system) environments that have graced (disgraced?) PCs since the 1980s. BIOS is a type of firmware, a tiny bit of software that runs before Windows when the PC first powers on. And while it’s possible to run Windows 8 on a BIOS-based computer—basically every single PC made before 2012—a new generation of more sophisticated PCs and devices is instead using BIOS’s replacement. It’s called UEFI, or the Unified Extensible Firmware Interface.

UEFI provides many advantages over BIOS, but from a security perspective the big deal is that PCs based on this firmware type can support a new technology called Secure Boot. Based on industry standards, Secure Boot ensures that a system hasn’t been tampered with while offline. (That is, while Windows isn’t running.)

It sounds Orwellian but the purpose of Secure Boot is valid: It targets a growing class of electronic attacks that insert code before Windows boots and try to prevent the OS from loading security software like Windows Defender at boot time, leaving the system vulnerable to further attack. Secure Boot ensures that only properly authorized components are allowed to execute at boot time. It is literally a more secure form of booting.

All Windows 8 PCs and devices will be configured from the factory to support Secure Boot and have this firmware feature enabled. But if you are going to install Windows 8 on a previous PC, you can check to see whether this feature is supported and then enable it before installing the OS.

As a feature of the PC firmware, Secure Boot isn’t configured in Windows; it’s configured in the UEFI firmware interface. This interface will vary from PC to PC, but it’s generally available via a Boot or Security screen in the firmware and is toggled via an option that will be labeled UEFI Boot. This can be set to Enabled or Disabled.
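Once Windows 8 is running, the Confirm-SecureBootUEFI cmdlet reports whether the firmware supports Secure Boot and has it enabled. This is an added example, not from the original article; the function name and result labels are illustrative, and it must be run from an elevated PowerShell session.

```powershell
# Added example: classify the Secure Boot state of the running PC.
# Confirm-SecureBootUEFI returns $true/$false on UEFI systems and throws on
# legacy BIOS systems or when the session is not elevated.
function Get-SecureBootState {
    try {
        if (Confirm-SecureBootUEFI -ErrorAction Stop) {
            return 'Enabled'
        }
        return 'Disabled'              # UEFI firmware, Secure Boot switched off
    }
    catch {
        if ($_.Exception -is [System.PlatformNotSupportedException]) {
            return 'Unsupported'       # legacy BIOS, or UEFI without Secure Boot
        }
        if ($_.Exception -is [System.UnauthorizedAccessException]) {
            return 'NeedsElevation'    # rerun from an administrator prompt
        }
        throw                          # anything else is unexpected; surface it
    }
}

switch (Get-SecureBootState) {
    'Enabled'        { Write-Output 'Secure Boot is enabled.' }
    'Disabled'       { Write-Warning 'Secure Boot is supported but turned off in the firmware settings.' }
    'Unsupported'    { Write-Warning 'This PC boots via legacy BIOS or its firmware lacks Secure Boot.' }
    'NeedsElevation' { Write-Warning 'Run this check from an elevated PowerShell session.' }
}
```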

The other security issue that arises at boot time occasionally is the need to scan an offline system. That is, you may want to run a Windows Defender security scan against a Windows 8 hard disk, but when Windows isn’t running. This can be a vital capability if your system is infested with a bootkit or rootkit, malicious forms of software that are both hard to detect and almost impossible to remove . . . when Windows is running. But if you can attack bootkits and rootkits while Windows is offline, then voila! Problem solved.

Fortunately, Microsoft makes a standalone version of Windows Defender called Windows Defender Offline. As you might expect, it is based on Windows Defender, and looks almost identical to that tool. But you install it to a bootable optical disc or USB memory stick and then boot the PC from that. Windows Defender Offline is shown in Figure 2.

Strictly speaking, there’s no reason to run Windows Defender Offline unless you know you have a problem. But don’t wait to create a bootable Windows Defender Offline disc or USB key until you have a problem: This is a tool you should have at the ready, just in case. You can download Windows Defender Offline from the Microsoft website at tinyurl.com/defenderoffline.

CROSSREF: Some related security features, BitLocker and EFS, can be used to protect the contents of a Windows PC’s hard drive.

Figure 2: Windows Defender Offline can clean an offline PC.
