Chris Hallum Senior Product Manager Windows 8.1 Security Advancements

Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)


We ran the "Windows Accelerate IT Pro Bootcamp" one-day hands-on workshop in early June 2014. These eight modules were designed to get IT managers, project managers, sysadmins and devops up to speed with the new Windows 8.1 and Office 2013. The bootcamp focused on how to move off earlier versions of Windows and Office to modern desktop and tablet platforms with the latest security and mobility technologies. Keep an eye on our SlideShare feed for all eight modules:

Windows Accelerate IT Pro Bootcamp: Introduction (Module 1 of 8)
Windows Accelerate IT Pro Bootcamp: Platform Delivery (Module 2 of 8)
Windows Accelerate IT Pro Bootcamp: Windows ToGo (Module 3 of 8)
Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)
Windows Accelerate IT Pro Bootcamp: UE-V (Module 5 of 8)
Windows Accelerate IT Pro Bootcamp: App-V (Module 6 of 8)
Windows Accelerate IT Pro Bootcamp: Devices (Module 7 of 8)
Windows Accelerate IT Pro Bootcamp: Closing (Module 8 of 8)

For other events (Intergen or Microsoft Community) check our events page at http://www.intergen.co.nz/upcoming-events/


Page 1: Windows Accelerate IT Pro Bootcamp: Security (Module 4 of 8)

Chris Hallum, Senior Product Manager

Windows 8.1 Security Advancements

Page 2

Windows 8 Security
• Windows 8 Security - The Impact
• Changing Threat Landscape
• Windows 8.1 End to End Security

Page 3

Threat landscape and Windows security features by release

2001 - Windows XP
Key Threats
• Melissa (1999), Love Letter (2000)
• Mainly leveraging social engineering
Windows XP
• Logon (Ctrl+Alt+Del)
• Access Control
• User Profiles
• Security Policy
• Encrypting File System (file based)
• Smartcard and PKI support
• Windows Update

2004 - Windows XP SP2
Key Threats
• Code Red and Nimda (2001), Blaster (2003), Slammer (2003)
• 9/11
• Mainly exploiting buffer overflows
• Script kiddies
• Time from patch to exploit: several days to weeks
Windows XP SP2
• Data Execution Prevention (DEP)
• Security Development Lifecycle (SDL)
• Auto Update on by default
• Firewall on by default
• Windows Security Center
• WPA support

2007 - Windows Vista
Key Threats
• Zotob (2005)
• Attacks "moving up the stack" (Summer of Office 0-day)
• Rootkits
• Exploitation of buffer overflows
• Script kiddies
• Rise of phishing
• User running as admin
Windows Vista
• BitLocker
• PatchGuard
• Address Space Layout Randomization (ASLR); improved DEP
• Full SDL
• User Account Control
• Internet Explorer SmartScreen Filter
• Digital Rights Management
• Firewall improvements
• Signed device driver requirements
• TPM support
• Windows Integrity Levels
• Secure "by default" configuration (Windows features and IE)

2009 - Windows 7
Key Threats
• Organized crime
• Botnets
• Identity theft
• Conficker (2008)
• Time from patch to exploit: days
Windows 7
• Improved ASLR and DEP
• Full SDL
• Improved IPsec stack
• Managed Service Accounts
• Improved User Account Control
• Enhanced auditing
• Internet Explorer SmartScreen Filter
• AppLocker
• BitLocker To Go
• Windows Biometric Service
• Windows Action Center
• Windows Defender

2012 - Windows 8
Key Threats
• Organized crime, potential state actors
• Sophisticated targeted attacks
• Operation Aurora (2009)
• Stuxnet (2010)
Windows 8
• UEFI (Secure Boot)
• Firmware-based TPM
• Trusted Boot (with ELAM)
• Measured Boot and remote attestation support
• Significant improvements to ASLR and DEP
• AppContainer
• TPM Key Protection
• Windows Store
• Internet Explorer 10 (plug-in-less and Enhanced Protected Modes)
• Application reputation moved into the core OS
• BitLocker: Encrypted Hard Drive and Used Disk Space Only encryption support
• Virtual Smartcard
• Picture Password, PIN
• Dynamic Access Control
• Built-in anti-virus

2013 - Windows 8.1
Key Threats
• Passwords under attack
• Digital identity theft and misuse
• Signature-based AV unable to keep up
• Digital signature tampering
• Browser plug-in exploits
• Data loss on BYOD devices
Windows 8.1
• Touch fingerprint sensors
• Improved biometrics
• TPM Key Attestation
• Certificate Reputation
• Improved Virtual Smartcards
• Provable PC Health
• Improved Windows Defender
• Improved Internet Explorer
• Device Encryption (all editions)
• Remote Business Data Removal

Page 4

Windows 8 Security Capabilities
• Modern Access Control: Securing the Sign-In; Secure Access to Resources
• Protect Sensitive Data: Securing Data with Encryption
• Malware Resistance: Securing the Boot; Securing the Code and Core; Securing the Desktop
• Trustworthy Hardware: Unified Extensible Firmware Interface (UEFI); Trusted Platform Module (TPM)

Page 5

Measuring Windows 8 Security Success
The largest volume of security investments ever made in a single release of Windows has yielded great results.

Page 6

There are two kinds of organizations: those who realize they've been hacked, and those who haven't yet realized they've been hacked.

Page 7

There are threats that are familiar and those that are modern.

Page 8

Familiar vs. Modern

Familiar: Script kiddies; cybercrime
Modern: Cyber-espionage; cyber-warfare

Familiar: Cybercriminals
Modern: State-sponsored actions; unlimited resources

Familiar: Attacks on Fortune 500 companies
Modern: All sectors, and even suppliers, getting targeted

Familiar: Software solutions
Modern: Hardware-rooted trust the only way

Familiar: Secure the perimeter
Modern: Assume breach; protect at all levels

Familiar: Hoping I don't get hacked
Modern: You will be hacked; did I successfully mitigate?

Familiar: Company-owned and tightly managed devices
Modern: Bring your own device, varied management

Page 9

“Commercial based antivirus and security products are designed for and focus on protecting you from prevalent classes of in the wild threats coming from criminals, thugs and digital mobsters (and it's a constant battle). It is not designed to protect you from the digital equivalent of Seal Team Six. So if you're the guy that finds himself in the crosshairs… you're not safe.”

-- F-Secure “News from the Lab”, May 30, 2012

A Lockheed Martin official said the firm is “spending more time helping deal with attacks on the supply chain” of partners, subcontractors and suppliers than dealing with attacks directly against the company. “For now, our defenses are strong enough to counter the threat, and many attackers know that, so they go after suppliers. But of course they are always trying to develop new ways to attack.”

-- Washington Post “Confidential report lists U.S. weapons system designs compromised by Chinese cyberspies”, May 27, 2013

“When discussing the importance of information security we’ve probably heard excuses such as “we’re too small to be a target” or “we don’t have anything of value”, but if there is anything this report can teach us, it is that breaches can and do occur in organizations of all sizes and across a large number of industries.”

-- TechRepublic speaking on the 2013 edition of Verizon’s Data Breach Investigations Report (DBIR).

Page 10

Windows 8 and 8.1 Security Capabilities

• Modern Access Control: Securing the Sign-In; Secure Access to Resources
  Windows 8.1: First-class biometric experience; multifactor authentication for BYOD; trustworthy identities and devices
• Protect Sensitive Data: Securing Device with Encryption
  Windows 8.1: Pervasive Device Encryption; selective wipe of corporate data
• Malware Resistance: Securing the Boot; Securing the Code and Core; Securing the Desktop
  Windows 8.1: Provable PC Health; improved Windows Defender; improved Internet Explorer
• Trustworthy Hardware: UEFI; TPM
  Windows 8.1: Modern biometric readers; TPM

Page 11

Trustworthy Hardware: Unified Extensible Firmware Interface (UEFI); Trusted Platform Module (TPM)

Page 12

Key Improvements in Trustworthy Hardware

Trusted Platform Module (TPM)
The Opportunity
• Improve security for consumer and BYOD devices
• Leverage the TPM in new ways to address modern threats
History in Windows
• The TPM is currently an optional component in most devices
• Pervasive on commercial devices, and most tablets
Our Goal in Windows 8.1
• Drive adoption of the InstantGo architecture with OEMs
• Work with Intel to make PTT (Platform Trust Technology, a firmware TPM) pervasive on all processors
• Add a TPM requirement to the 2015 Windows certification requirements
• Secure approval in regions such as Russia and China

Unified Extensible Firmware Interface (UEFI)
What is UEFI?
• A modern replacement for the traditional BIOS
• A Windows Certification Requirement (UEFI 2.3.1)
Key Benefits
• Architecture-independent
• Initializes the device and enables operation (e.g. mouse, apps)
Key Security Benefits
• Secure Boot - supported by Windows 8, Linux, ...
• Encrypted Drive support for BitLocker
• Network Unlock support for BitLocker
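The two hardware roots of trust on this slide are easy to assert in a deck and easy to get wrong on a fleet: a TPM that is present but never initialised, or UEFI firmware with Secure Boot switched off or left in Setup Mode, gives none of the protection the later slides build on. The following is an added example, not code from the original deck or from Microsoft; it uses only the in-box TrustedPlatformModule and SecureBoot modules and the Win32_Tpm WMI class on Windows 8/8.1, must be run from an elevated prompt, and the specific exception type caught for legacy BIOS machines is an assumption (any other failure is also treated as "no Secure Boot").

```powershell
# Added example: inventory the hardware roots of trust on a Windows 8.1 machine.
# Assumption: in-box TrustedPlatformModule and SecureBoot modules are available (Windows 8+).

function Get-TrustworthyHardwareStatus {
    [CmdletBinding()]
    param()

    $result = [ordered]@{
        TpmPresent          = $false
        TpmReady            = $false
        TpmSpecVersion      = $null
        UefiFirmware        = $false
        SecureBootEnabled   = $false
        SecureBootSetupMode = $null
    }

    # TPM: Get-Tpm reports presence and readiness (owned and initialised); Win32_Tpm exposes
    # the spec version, which tells a 1.2 discrete part from a 2.0 firmware TPM such as Intel PTT.
    try {
        $tpm = Get-Tpm -ErrorAction Stop
        $result.TpmPresent = [bool]$tpm.TpmPresent
        $result.TpmReady   = [bool]$tpm.TpmReady
    } catch {
        Write-Verbose "Get-Tpm failed: $($_.Exception.Message)"
    }
    $wmiTpm = Get-WmiObject -Namespace 'root\cimv2\Security\MicrosoftTpm' -Class Win32_Tpm -ErrorAction SilentlyContinue
    if ($wmiTpm) { $result.TpmSpecVersion = $wmiTpm.SpecVersion }

    # Secure Boot: Confirm-SecureBootUEFI returns $true/$false on UEFI firmware and throws on
    # legacy BIOS, so the throw itself answers "is this UEFI?".
    try {
        $result.SecureBootEnabled = [bool](Confirm-SecureBootUEFI -ErrorAction Stop)
        $result.UefiFirmware = $true
        # SetupMode = 1: the platform still accepts unsigned key-database updates, so Secure Boot
        # is not actually enforcing even if the firmware reports it as on.
        $setup = Get-SecureBootUEFI -Name SetupMode -ErrorAction SilentlyContinue
        if ($setup) { $result.SecureBootSetupMode = [int]$setup.Bytes[0] }
    } catch [System.PlatformNotSupportedException] {   # assumed exception type for legacy BIOS
        Write-Verbose 'Legacy BIOS firmware: Secure Boot not available.'
    } catch {
        Write-Verbose "Secure Boot query failed: $($_.Exception.Message)"
    }

    [pscustomobject]$result
}

function Test-TrustworthyHardware {
    param([Parameter(Mandatory)]$Status)
    # Hardware-rooted trust needs all of: TPM present and ready, UEFI firmware, Secure Boot enforcing.
    $findings = @()
    if (-not $Status.TpmPresent)        { $findings += 'No TPM: Measured Boot, virtual smart cards and TPM key protection unavailable' }
    elseif (-not $Status.TpmReady)      { $findings += 'TPM present but not ready (not owned/initialised)' }
    if (-not $Status.UefiFirmware)      { $findings += 'Legacy BIOS: no Secure Boot, no bootkit protection' }
    elseif (-not $Status.SecureBootEnabled) { $findings += 'UEFI firmware but Secure Boot disabled' }
    if ($Status.SecureBootSetupMode -eq 1)  { $findings += 'Secure Boot in Setup Mode: key database can be rewritten' }
    [pscustomobject]@{ Compliant = ($findings.Count -eq 0); Findings = $findings }
}

$status = Get-TrustworthyHardwareStatus -Verbose
$status | Format-List
Test-TrustworthyHardware -Status $status | Format-List
```

Run it as a scheduled inventory job and feed the `Findings` into whatever configuration-management report you already have; the useful signal is not "has a TPM" but the combination, because every later feature in this deck (Measured Boot, virtual smart cards, Device Encryption) silently degrades when any one of the three is missing.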

Page 13

Modern Access Control: Modern Authenticators; Trustworthy Identities and Devices; Secure Access to Resources

Page 14

Key Improvements in Modern Access Control

Secure Access to Resources
Dynamic Access Control
• Rules-based access control
• Policy based on user and device attributes
• Example: users in the Finance department within the United States get access to a specific file share
Remote Attestation
• Access control based on remote validation of a system's security state

Trustworthy Identities and Devices
TPM Key Protection
• Protect digital identities from theft using the TPM
TPM Key Attestation
• Confirm the security of digital identities using the TPM
Certificate Reputation
• Cloud service able to identify fraudulent certificates and their use on the web

Modern Authenticators
Picture Password
• Easy-to-use option for touch
• Secure for some scenarios
Virtual Smart Cards
• An alternative to passwords
• The device becomes the smart card
• Remotely provisionable
• Requires a TPM
Fingerprint-based Biometrics
• Advanced touch sensors
• Usable anywhere in Windows
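The slide's Dynamic Access Control example (Finance department, United States) is worth seeing as the objects it actually turns into, because the interesting part is the conditional ACE, not the GUI. The following is an added example, not code from the original deck or from Microsoft; it runs with the ActiveDirectory module on a Windows Server 2012 or later domain controller, and assumes the domain already has the "KDC support for claims, compound authentication and Kerberos armoring" policy enabled and file servers that apply central access policies via Group Policy. The claim type and resource property display names, the rule and policy names, and the value "US" for the country attribute are assumptions for illustration; claim references in the SDDL are built from the IDs the cmdlets actually return rather than hard-coded.

```powershell
# Added example: build the "Finance users in the US can read Finance shares" rule from the slide
# with the ActiveDirectory module's Dynamic Access Control cmdlets. Names are illustrative.

Import-Module ActiveDirectory

# 1. User claims: surface the AD attributes 'department' and 'c' (country) in the Kerberos ticket.
#    -PassThru returns the objects so the generated IDs (ad://ext/<Name>:<hex>) can be reused below.
$dept    = New-ADClaimType -DisplayName 'Department' -SourceAttribute 'department' -PassThru
$country = New-ADClaimType -DisplayName 'Country'    -SourceAttribute 'c'          -PassThru

# 2. A secured resource property so file servers can tag the share as holding Finance data.
$finance = New-ADSuggestedValueEntry -Value 'Finance' -DisplayName 'Finance' -Description 'Finance department data'
$resProp = New-ADResourceProperty -DisplayName 'Department_Resource' -IsSecured $true `
    -ResourcePropertyValueType 'MS-DS-SinglevaluedChoice' -SuggestedValues $finance -PassThru
Add-ADResourcePropertyListMember -Identity 'Global Resource Property List' -Members $resProp

# 3. The central access rule. The resource condition scopes which files the rule applies to;
#    the ACL carries a conditional ACE (type XA) granting FILE_GENERIC_READ (0x1200a9) to
#    Authenticated Users (AU) only when BOTH user claims match. Everything else in the ACL is
#    the usual owner/admin/SYSTEM full control so the rule cannot lock administrators out.
$resourceCondition = "(@RESOURCE.$($resProp.ID) == `"Finance`")"
$currentAcl = 'O:SYG:SYD:AR(A;;FA;;;OW)(A;;FA;;;BA)(A;;FA;;;SY)' +
    "(XA;;0x1200a9;;;AU;((@USER.$($dept.ID) == `"Finance`") && (@USER.$($country.ID) == `"US`")))"

$rule = New-ADCentralAccessRule -Name 'Finance US read access' `
    -ResourceCondition $resourceCondition -CurrentAcl $currentAcl `
    -ProtectedFromAccidentalDeletion $true -PassThru

# 4. A central access policy groups rules; it is then selected on the file server's share/folder
#    (Advanced Security Settings > Central Policy) after Group Policy has published it.
$policy = New-ADCentralAccessPolicy -Name 'Finance data policy' -PassThru
Add-ADCentralAccessPolicyMember -Identity $policy -Members $rule

Get-ADCentralAccessRule -Identity $rule | Select-Object Name, ResourceCondition, CurrentAcl
```

Two things to check before relying on this in production. First, central access policies are an additional gate, not a replacement: NTFS ACLs on the folder still apply, and the effective access is the intersection. Second, the slide also mentions device attributes; the same ACE syntax accepts `@DEVICE.<claim ID>` once device claims are enabled, which is how "Finance users on corporate-managed machines" is expressed without touching the user claims. Use `-ProposedAcl` instead of `-CurrentAcl` first and read the staging events (Event ID 4818) to see who would be denied before enforcing.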

Page 15

Malware Resistance: Securing the Code and Core; Securing the Boot; Securing After the Boot

Page 16

Key Improvements in Malware Resistance

Securing the Boot
Unified Extensible Firmware Interface (UEFI)
• Hardware-based bootkit protection
• Ensures the desired OS starts first, not malware
Trusted Boot
• Hardens the boot process and provides rootkit protection
Early Launch Anti-Malware (ELAM)
• The anti-malware solution is started early and protected from tampering
Measured Boot
• Integrity of key system components is measured and remotely validated

Securing the Code and Core
Security Development Lifecycle
• State-of-the-art engineering practices
• All Microsoft software must conform to the processes
• Microsoft's results have received accolades from industry experts (Kaspersky, Q3 2012 report)
Securing the Windows Core
• Improvements in ASLR and DEP make exploiting a vulnerability in Windows an order of magnitude more difficult.
"the security advancements from Windows XP to Windows 7 are leaps and bounds.. the advancements from version 7 to 8 are just as great." - Chris Valasek, Security Researcher

Securing After the Boot
Defender
• All versions of Windows include a full-featured anti-malware solution
Windows Store and Apps
• Apps hosted in the Windows Store are vetted for security prior to publishing
• Windows Store apps run in a sandbox
Windows and IE SmartScreen
• Warns about or blocks apps that have a negative or unknown reputation
• Malicious websites are blocked in IE
Provable PC Health
• Remote analysis is able to detect malware that can't be detected locally, and initiates a remediation process
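The "securing the boot" and "securing after the boot" features on this slide each leave a checkable footprint on the machine: ELAM is a registered boot-start driver plus a kernel load policy, Measured Boot writes a TCG log per boot, SmartScreen and Defender are registry and service state. The following is an added example, not code from the original deck or from Microsoft; it uses the Defender module (`Get-MpComputerStatus`, Windows 8.1), the documented `EarlyLaunch\DriverLoadPolicy` registry value, Windows Defender's ELAM driver name (`WdBoot`), the `SmartScreenEnabled` value and the `%SystemRoot%\Logs\MeasuredBoot` directory. The three-day signature-age threshold is an assumption, and the "no ELAM driver" finding assumes Windows Defender is the installed anti-malware (a third-party product registers its own ELAM driver under a different name).

```powershell
# Added example: audit the post-boot and boot-time malware defences on a Windows 8.1 host.
# Assumptions: Windows Defender is the AV in use; $MaxSignatureAgeDays is an arbitrary threshold.

function Get-PostBootDefenceStatus {
    [CmdletBinding()]
    param()

    $r = [ordered]@{}

    # Windows Defender: service state, real-time protection and signature age from the Defender module.
    $mp = Get-MpComputerStatus -ErrorAction SilentlyContinue
    $r.DefenderRunning    = [bool]($mp -and $mp.AMServiceEnabled)
    $r.RealTimeProtection = [bool]($mp -and $mp.RealTimeProtectionEnabled)
    $r.SignatureAgeDays   = if ($mp) { [int]$mp.AntivirusSignatureAge } else { $null }

    # ELAM: Defender's boot-start driver (WdBoot) and the kernel's boot driver load policy.
    # DriverLoadPolicy: 1 = good only, 3 = good and unknown (default), 8 = good, unknown and
    # bad-but-boot-critical, 7 = all drivers (ELAM effectively off).
    $elam = Get-WmiObject Win32_SystemDriver -Filter "Name='WdBoot'" -ErrorAction SilentlyContinue
    $r.ElamDriverPresent = [bool]$elam
    $policy = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\EarlyLaunch' -Name DriverLoadPolicy -ErrorAction SilentlyContinue
    $r.ElamDriverLoadPolicy = if ($policy) { [int]$policy.DriverLoadPolicy } else { 3 }   # absent = default

    # SmartScreen for desktop apps: RequireAdmin (default), Prompt or Off.
    $ss = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' -Name SmartScreenEnabled -ErrorAction SilentlyContinue
    $r.SmartScreen = if ($ss) { [string]$ss.SmartScreenEnabled } else { 'NotConfigured' }

    # Measured Boot: Windows writes one TCG event log per boot here when a TPM is present.
    # No logs means there is nothing for a remote attestation service to validate.
    $logDir = Join-Path $env:SystemRoot 'Logs\MeasuredBoot'
    $r.MeasuredBootLogs = if (Test-Path $logDir) { @(Get-ChildItem $logDir -Filter '*.log').Count } else { 0 }

    [pscustomobject]$r
}

function Test-PostBootDefence {
    param([Parameter(Mandatory)]$Status, [int]$MaxSignatureAgeDays = 3)
    $f = @()
    if (-not $Status.DefenderRunning)    { $f += 'Defender service not running' }
    if (-not $Status.RealTimeProtection) { $f += 'Real-time protection off' }
    if ($null -eq $Status.SignatureAgeDays -or $Status.SignatureAgeDays -gt $MaxSignatureAgeDays) {
        $f += "AV signatures missing or older than $MaxSignatureAgeDays days"
    }
    if (-not $Status.ElamDriverPresent)       { $f += 'No ELAM driver (WdBoot) registered' }
    if ($Status.ElamDriverLoadPolicy -eq 7)   { $f += 'ELAM policy allows known-bad boot drivers' }
    if ($Status.SmartScreen -eq 'Off')        { $f += 'SmartScreen disabled' }
    if ($Status.MeasuredBootLogs -eq 0)       { $f += 'No Measured Boot logs: TPM absent or boot not being measured' }
    [pscustomobject]@{ Compliant = ($f.Count -eq 0); Findings = $f }
}

$s = Get-PostBootDefenceStatus
$s | Format-List
Test-PostBootDefence -Status $s | Format-List
```

The point of checking the load policy alongside the driver is that ELAM only blocks what policy tells it to: a machine with `WdBoot` installed and `DriverLoadPolicy` set to 7 has the slide's feature "present" and doing nothing. Likewise the Measured Boot log count is a local proxy only; the measurements are meaningful once a remote service (the "Provable PC Health" item) compares them against known-good values, which this script does not do.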

Page 17

Protecting Sensitive Data: Pervasive Device Encryption; Selective Wipe of Corporate Data

Page 18

Key Improvements for Protecting Sensitive Data

Protecting Data at Rest (Device Encryption and BitLocker)
Data protection (full disk encryption) is now considered a fundamental OS feature
• Device Encryption is included in all editions of Windows
• Prevents unauthorized access on lost or stolen devices
• Enabled out of the box
• Requires devices with InstantGo technology
• Built on BitLocker technology; commercial-grade protection
• Note: protection is switched on only once a Microsoft account or a domain account signs in, because the recovery key is backed up to OneDrive or to AD DS before the volume is locked
BitLocker
• Provides additional configuration options and management capabilities that are attractive to enterprises
• Easy to deploy and available in the Pro and Enterprise editions
• Enterprise management available with MBAM (Microsoft BitLocker Administration and Monitoring)

Enabling IT to Revoke Access to Data (Remote Business Data Removal)
Remote Business Data Removal is a platform feature that:
• Protects corporate data using the Encrypting File System (EFS)
• Enables IT to revoke access to corporate data on managed and unmanaged devices
• Requires application support
• Current applications that support RBDR: Mail, Work Folders
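Whether a volume is "encrypted" is the wrong question for the data-at-rest features on this slide; a BitLocker volume can be fully encrypted with protection off (keys stored in the clear), and Device Encryption quietly stays off on hardware without InstantGo. The following is an added example, not code from the original deck or from Microsoft; it uses the in-box BitLocker and TrustedPlatformModule modules on Windows 8.1 Pro/Enterprise, shells out to `powercfg /a` to detect connected standby, and must be run elevated. The choice of AES-256, used-space-only encryption, and recovery password backup to AD DS (which requires the "Store BitLocker recovery information in Active Directory Domain Services" policy) are assumptions about policy, not requirements of the feature.

```powershell
# Added example: report BitLocker/Device Encryption state per volume, then enable BitLocker on
# the OS volume the way the Windows 8/8.1 features on the slide allow (TPM protector,
# used-space-only encryption, recovery password escrowed to AD DS). Policy choices are assumptions.

function Get-DataAtRestStatus {
    [CmdletBinding()]
    param()
    # InstantGo (connected standby) is the prerequisite for automatic Device Encryption.
    $instantGo = ((powercfg /a) | Out-String) -match 'Standby \(Connected\)'
    foreach ($v in Get-BitLockerVolume) {
        [pscustomobject]@{
            MountPoint       = $v.MountPoint
            VolumeType       = $v.VolumeType        # OperatingSystem / Data
            ProtectionStatus = $v.ProtectionStatus  # Off means the key is unprotected even if VolumeStatus is FullyEncrypted
            VolumeStatus     = $v.VolumeStatus      # FullyEncrypted / EncryptionInProgress / FullyDecrypted
            EncryptionMethod = $v.EncryptionMethod
            Protectors       = (@($v.KeyProtector | ForEach-Object { $_.KeyProtectorType }) -join ',')
            InstantGoCapable = $instantGo
        }
    }
}

function Enable-OsVolumeBitLocker {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$MountPoint = $env:SystemDrive,
        [switch]$BackupToAD     # assumes the AD DS recovery-information policy is in place
    )
    $vol = Get-BitLockerVolume -MountPoint $MountPoint
    if ($vol.ProtectionStatus -eq 'On') { Write-Verbose "$MountPoint already protected"; return $vol }

    # A TPM-only protector needs a ready TPM; fail early rather than half-configure the volume.
    if (-not (Get-Tpm).TpmReady) { throw 'TPM not ready: cannot create a TPM protector.' }

    if ($PSCmdlet.ShouldProcess($MountPoint, 'Enable BitLocker (TPM protector, used space only, AES-256)')) {
        # Add the recovery password first so the volume is never protected by the TPM alone,
        # then escrow it: a recovery password nobody has stored is a future data-loss incident.
        $after = Add-BitLockerKeyProtector -MountPoint $MountPoint -RecoveryPasswordProtector
        if ($BackupToAD) {
            $rp = @($after.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })[-1]
            Backup-BitLockerKeyProtector -MountPoint $MountPoint -KeyProtectorId $rp.KeyProtectorId | Out-Null
        }
        # -UsedSpaceOnly is the "Used Disk Space Only" mode listed under Windows 8: fast on a
        # fresh machine, but free space that previously held data is left unencrypted, so use
        # full encryption when converting a drive that has already been in service.
        Enable-BitLocker -MountPoint $MountPoint -EncryptionMethod Aes256 -UsedSpaceOnly -TpmProtector -SkipHardwareTest
    }
    Get-BitLockerVolume -MountPoint $MountPoint
}

Get-DataAtRestStatus | Format-Table -AutoSize
# Dry run first; drop -WhatIf to apply.
Enable-OsVolumeBitLocker -BackupToAD -WhatIf
```

For the consumer Device Encryption path the same `Get-BitLockerVolume` call is the right audit: a device that reports `InstantGoCapable` true, `VolumeStatus` FullyEncrypted and `ProtectionStatus` Off is a machine where no Microsoft or domain account has signed in yet, which is exactly the state that looks encrypted in an inventory and is not.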


Page 20

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.