Safefy and Security in Windows 8
Safefy and Security – Windows Defender ® and SmartScreen ®
(now built into the entire OS)
In Windows® 8, Windows Defender provides real-time protection from all forms of malware, including worms, viruses, Trojans and more, by intercepting and inspecting data and activity on Windows that matches known signatures. The engine and signatures used by Windows Defender to accomplish this are the same used by Microsoft Security Essentials and Forefront Endpoint Protection.
Windows Defender will automatically scan your PC for malicious software (including viruses) at the time defined for Automatic Maintenance in Action Center. The default is 3 A.M.
Note: Despite the fact that Microsoft® is now including an antivirus solution with Windows, we should never recommend that customers use Windows Defender instead of their third party antivirus solution. Microsoft believes that the greatest security for our customers comes from having a healthy security community. Our customers benefit from the availability of alternative security software. However, we do recommend that customers use security software that is certified for their version of Windows. While there are many security software solution certified for Windows 7, it is not yet the case for Windows 8 since it is only just now being revealed to the public.
The Windows SmartScreen® feature from Microsoft Windows Internet Explorer® has now been integrated into the entire operating system. Windows SmartScreen prevent Windows from loading binaries that are known to be malicious. Similar to SmartScreen in Internet Explorer, Windows SmartScreen will check any app downloaded from the Internet against a reputation service hosted by Microsoft. This means that programs copied from the network or downloaded with third-party browsers will also be scanned by the Windows SmartScreen service.
If SmartScreen detects an app that is either known to cause a problem or unrecognized, it will prevent launching the installer for the app by default, as shown below. Clicking the More info button will display more information about the app and provide you with a Run anyway button.
Figure 1: Windows SmartScreen
Try This: Windows SmartScreen
- Download and attempt to install the Office custom UI editor.
- Use the Run anyway button to proceed with the installation after it has been blocked.
Through the SmartScreen Filter, IE has been effective at blocking socially engineered malware attacks and malicious downloads – IE blocks between 2 and 5 million attacks a day for IE8 and IE9 customers. Since the release of IE8, SmartScreen has blocked more than 1.5 billion attempted malware attacks. IE is still the only major production browser to offer this kind of protection from socially engineered malware. From our experience operating these services at scale, we have found that 1 out of every 14 programs downloaded is later confirmed as malware.
There are a lot more specific details here, if anyone wants to go deeper:
For more information about Hyper-V on Windows 8, please read the following resources.
SmartScreen Filter and Resulting Internet Communication in Windows 8 and Windows Server 2012
SmartScreen® Application Reputation in IE9
Malware Protection Center
Microsoft Security Development Lifecycle
Security Intelligence Report
Protect your PC – Windows Defender