First Look at Windows 8

Wow. The security enhancements in Windows 8 look fantastic. Details are available here:

A few things spring to mind:
1). The changes to the Windows 8 heap will significantly raise the bar for exploit developers, and pentest tool vendors. The days of serious and widespread remotely exploitable buffer overflow bugs are mostly behind us. Most of those have been hunted to extinction over the past several years. Today’s cutting edge OS exploit development work is largely in the heap overflow arena, and things will get dramatically more difficult for heap exploit developers as the Microsoft world moves to Windows 8 over the next few years.

2). Enterprise shops that skipped Vista and are rolling out Windows 7 will need to continue to do so. Windows XP goes off support in April 2014 (meaning Microsoft won’t provide you with any patches unless you purchase Custom Support), so you don’t have enough time to wait for Windows 8 to be ready for production. I would recommend standing up a Windows 8 pilot early to shake out any conflicts between Windows 8 and your organization’s software portfolio, but you don’t have enough time between now and April 2014 to lean back and skip Windows 7.

3). The inclusion of Microsoft’s now world class anti-malware solution in Windows 8 is bad news if you are an AV vendor. Enterprise shops will still likely want to buy a comprehensive endpoint security solution like Symantec SEP, but home users should be fine with just Windows 8’s AV and their firewall enabled. So Symantec, McAfee, Trend and others will certainly see less AV subscription revenue flowing in from home users and small business market.

email: david @
Twitter (free enterprise vulnerability alert feed):


Leave a Reply