Windows 8 Security in Action: Part 1

Below is Part 1 of the Article “Windows 8 Security in Action” featured in this month’s issue of Hakin9 Exploiting Software:

Is Windows 8 the next operating system for your enterprise? In this article, we will take a quick look at Microsoft’s new OS – Windows 8. We will see some of the new security features that make it more secure than its predecessor Windows 7. We will also run the security through the paces and see some of the possible issues that are new to the OS and some that have carried over from previous versions of Windows. From the Backtrack 5 r3 security testing platform, the author uses the Metasploit Framework and Social Engineering Toolkit to see how Windows 8 stands up to the most common internet based threats.

Introduction

The much anticipated (and debated) next version of Windows software is set to be released on October 26, 2012. Several pre-release versions were made available, and just recently Microsoft released a 90 Day Windows 8 Enterprise RTM (Release to Manufacturer) evaluation copy.

In this article we briefly cover the new look of Windows 8, which has caused some complaints from Enterprise entities and the media alike. We will then highlight some of the new security features, and finally, put them to the test.

From the Backtrack 5 r3 security testing platform, I use the Metasploit Framework and Social Engineering Toolkit to see how Windows 8 stands up to the most common internet based threats. I also cover credential harvesting, Man-in-the-Middle and physical attacks against Microsoft’s latest OS.

So let’s get to it!

Windows 8 Overview

 

Figure 1 – The new, no longer called “Metro”, desktop

The first thing you will notice is the desktop change (Figure 1), you’re not in Kansas anymore Dorothy. Catering to the mobile touchscreen users, Microsoft has switched the desktop to this new tiled interface. This has caused a split amongst enterprise users; some seem too really like it, others want the standard desktop back.

Don’t get me wrong, the desktop we know and love is still there (Figure 2):

Figure 2 – The “classic” Windows 8 desktop

But if you notice, the start button is gone. If you move the cursor to the side of the screen the new “start menu” will appear (Figure 3):

Figure 3 – The new “Start” bar

Yes, I know it looks different doesn’t it? Clicking the Start button on this menu takes you back to the Metro interface. Apparently Microsoft wanted a consistent look across their product platform. Phones, tablets and desktops would all have the same “Metro” interface.

It is nice to know though that some things still look the same in Windows 8. The Control Panel looks pretty familiar (Figure 4):

Figure 4 – The Control Panel menu

Changes have been made on the server side also. The new Server 2012 has a GUI interface, but Microsoft is really pushing the use of Server Core edition that is configured by command line only. So if you do server work, it is time to brush up on your PowerShell.

In essence, Windows 8 really seems to be an enhanced Windows 7, with a new interface. Everything that you could do in Windows 7 is there, somewhere, it is just a matter of finding its new location.

The New Security Features

Several security improvements have been made to Windows 8, a brief list of some of the new features include:

  • Windows Defender comes pre-installed
  • Application download screening with SmartScreen
  • Protection against buffer overflow and memory corruption/ modification attacks
  • UEFI / secure boot to help prevent rootkits and bootkits
  • New password options

Let’s take a closer look at the password options and some changes in the way Microsoft handles passwords.

Password Options

You now have a couple choices for login security options (Figure 5). You can use a password like always, but there are two new options, pin and picture password.

Figure 5 – Windows 8 Account Sign-in options

The PIN option is not new to some users; just select a 4 number pin and that’s it. When you go to login the next time you will now have a choice to login via PIN number (Figure 6) or your password:

Figure 6 – Login Prompt asking for PIN

The interesting one is the Picture Password (Figure 7). It requires a touchscreen interface, but with it you get to pick a picture and create a special password all your own. Once you choose the picture you want, you then record a series of finger swipes, circles and taps that make the final password.

Figure 7 – Picture Password Creation

How cool is that?

Windows 8 Security in Action Part 2

~ by D. Dieterle on October 4, 2012.

3 Responses to “Windows 8 Security in Action: Part 1”

  1. [...] This is Part 2 of the 3 part article “Windows 8 Security in Action” featured in this month’s issue of Hakin9 Exploiting Software. Part one is available here. [...]

  2. [...] part of my Windows 8 Security in Action article featured in last month’s Hakin9 magazine. Part One was a general introduction to the new look of Windows 8. In Part Two we looked at some of the new [...]

  3. [...] http://cyberarms.wordpress.com/2012/10/04/windows-8-security-in-action-part-1/ [...]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

Join 262 other followers

%d bloggers like this: