Windows 8 Security Garners Praise at Black Hat

From eWeek: Microsoft's Windows 8 is not yet generally available—the operating system officially lands on store shelves Oct. 26 –but that's not stopping security researchers from trying to find flaws in the OS. However, those hackers who have had an easy time with Windows might find some new security features hard to beat.

For years, Windows has come under frequent attacks thanks to hackers exploiting the operating system’s heap memory manager. However, in a new report released at the Black Hat conference here, engineers at Microsoft have done an admirable job of defending memory, making it more difficult than ever before for attackers to exploit.

The report is called "Windows 8 Heap Internals."

Chris Valasek, a senior security researcher at Coverity and co-author of the research, explained the memory heap is a critical component of Windows. The memory manager is what tells applications that memory is or isn't available for use.

“As a security researcher you want to look into how the memory is managed and see if there is the potential for a buffer overflow or some kind of exploit that could alter what the heap memory manager is supposed to do,” said Valasek.

View: Article @ Source Site