Antivirus researcher: Windows 8 is a harder target for malware

Tools

Microsoft has designed Windows 8 with a host of improvements that should make it easier to defend against malware and Trojan software, according to Aryeh Goretsky, a researcher at antivirus software firm ESET to Network World.

One of them is called "Early Launch Anti-Malware," which entails loading the driver of the user's antivirus of choice ahead of all other software drivers. This creates a formidable defense against malware, especially when paired with the use of UEFI, or Unified Extensible Firmware Interface, which creates a secure path from the moment a PC is powered on, until Windows 8 is loaded.

This means that hackers attempting to load their malware ahead of antivirus software to stay undetected, or perhaps even attempting to switch it off--will have to look elsewhere.

There were initially concerns that UEFI may block Linux from being installed on machines that come preloaded with Windows 8, though the Linux Foundation has since unveiled a workaround using a general purpose pre-bootloader that uses a signed key from Microsoft (NASDAQ: MSFT).

According to Goretsky, Microsoft has also made it clear that security software has to cleanly remove itself from Windows 8 when uninstalled. He said the "dirty little secret" of the industry is that anti-malware software typically makes registry changes and other modifications that are not removed even after they are uninstalled.

The result is "a mess of device drivers and services left running after an anti-malware package has in theory been uninstalled." He noted that ESET is also guilty of this practice.

For more:
- check out this article at Network World

Related Articles:
The pros and cons of antivirus software
Windows 8 will not come with Windows Defender preinstalled