When Microsoft unveiled the Windows 8 Developer Preview two weeks ago,one of the thing to grab most of the attention was it’s built-in malware protection. Senior Security Advisor at Sophos(Software Security Firm) Canada, Chester Wisniewski, tested Windows 8?s anti-virus software against a number of malware threats. Wisniewski pointed out Microsoft’s lack of virus warning messages in Windows 8 while testing the new software. Wisniewski tested Microsoft’s inbuilt Windows Defender software with the basic EICAR test file which produced an error at launch but failed to notify a virus warning. “I was very confused and began to wonder whether Windows 8 really had anti-virus at this point,” said Wisniewski in a blog post .
He also tested an array of real world malware samples and concluded that Windows 8 detected around 50% of the malware samples tested.He also tested Mac, Linux and Windows malware to determine whether Windows 8 detected cross-platform malware. And so he says,“It did successfully pick up quite a few fake anti-virus samples for Mac and Windows, as well as some copies of Linux/RST-B. It also recorded some events under the Windows Defender category in Event Viewer for the detection it alerted me to.”
To add more to that he said,”Microsoft does need to fix the detection of EICAR. The way things work currently will only encourage people to take unnecessary risks with real malware samples for testing.If you are testing Windows 8 on a live network, I would recommend you install a third-party anti-virus program as well. While Windows Defender caught some samples, it isn’t ready for prime time yet.”
Microsoft is planning makeover for its Windows Defender product for Windows 8. Microsoft will periodically deliver a set of malware signatures via Windows Update. Defender will now include real-time detection and protection from malware using a file system filter. Defender will also interface with Microsoft’s secure boot technology in Windows 8. Windows PCs with UEFI-based secure boot will be able to take advantage of Microsoft’s Windows security to make sure the firmware and firmware updates all remain secure. Microsoft is able to achieve this by loading only properly signed and validated code during boot.
Microsoft is has also planned to add SmartScreen filtering for Windows. Windows 8 will also protect its end users by carefully checking applications and URLs with its reputation-based database.