Skip to main content

Is Windows 8 Really Secure? Analysis of Security Flaws and Vulnerabilities of the Latest Product From Microsoft

By VJ
security icon representing windows 8
If you are using the Internet Explorer, Office Excel, True Type Fonts, IIS, or the now out-of-date Windows Briefcase, your computer may be subjected to security attacks.

No sooner has Microsoft released its Windows 8 and RT versions than the security flaws of this OS were revealed. At the beginning of this month, Microsoft’s Security TechCenter revealed the possible security flaws on Windows 8 and has released necessary patches. Here is what you need to do to immediately secure your Windows computer.

If you wish to get notifications on any of the latest Windows security issues, subscribe to this newsletter.

Most of these issues cause ‘remote code execution’ that helps an attacker, such as a hacker or a virus, work on your system like it belongs to him. On computers, the attack by a virus occurs when you start a program, and this program is an executable file (one with the file extension .exe or .dll in some other cases).

When a program is executing on your computer, it has a lot of privileges—disk access to read data stored on the computer, memory operations, processor access, etc. If the executable file is a virus, it could access the disk to steal information, operate on the memory to crash other programs, or act on the processor to crash Windows 8 itself.

When you try to recover from such a crash, you may find out that the virus has replicated all over your system causing havoc. Here, I have a list of applications that could cause security loopholes on your computer.

1. Internet Explorer Vulnerability


Three reports have surfaced since the release of Windows 8 on vulnerabilities of Internet Explorer. This affects Internet Explorer version 9 on various versions of Windows. The loophole gives a hacker permission to access your system and work on it with the same privileges as you have. If you are the administrator, the hacker can become the administrator on your computer if you get attacked.

Microsoft has released a security patch to cover this vulnerability here.

2. Briefcases in Windows


Microsoft Briefcase syncing application
If you are still using this functionality of Microsoft Windows, be careful. The current vulnerability found in Briefcases could open security loopholes.

So what is Briefcase in Microsoft terminology? Simply right-click in a folder and select the ‘New’ option and you will see ‘Briefcase’ as one of the things that you can create. It is a file synchronization tool (just like the Dropbox app you install in your computer for remote synchronization with your cloud storage provider). The Briefcase is equipped to provide 2-way synching with another folder that you choose (mostly belonging to the mobile PC).

In order to secure your briefcase, do not open it or work with it before applying this Microsoft Briefcase patch. The vulnerability is not applicable to Windows RT though.

3. .NET Framework


.NET Framework is a technology that forms the basis of Windows application development. That means, in order to run a lot of Windows applications, you have to have .NET Framework installed. They include high productivity apps, certain games, etc.

You may not know if you have it installed, but there is a way to find out. Simply go to Control Panel->Programs and Features. You will get a list of applications installed on the computer, and among them you can find .NET Framework if installed.

In order to secure this application, download the patch here.

4. Issues With Documents and Fonts


Do you know that you can embed executable code on a document such as a Word document or and Excel Spreadsheet? Such code snippets could create interactivity on your document as well as prove drastic if the code is malicious. This could simply make way for remote code execution.

If you are unsure of the documents you are downloading from the web, do not download them. Also, certain websites may embed unusual fonts in your system without your knowledge. This could also pave way to remote code execution, thwarting the security of your Windows computer.

In order to make your documents and fonts secure, install this Microsoft patch.

5. Microsoft Excel


A part of the Office Suite of Microsoft, Excel is a highly acclaimed spreadsheet program. Do you know that even a spreadsheet file you download from an unknown location could inject malicious code that may make your computer insecure?

Four reports have surfaced regarding the security issues of Microsoft Office, specifically Excel. Microsoft has released this patch to secure the application.

6. Internet Information Services


Microsoft’s Internet Information Services (IIS) is a web server, and on most of the client systems, it may not even be turned on. This is an application that websites running Microsoft Windows operating system at the server side use. It is hence most probably dormant on your computer. Still, if you are unsure, you can find out from Control Panel->Add/Remove Programs->Windows components (Win XP) or Programs & Features->Turn on Windows Features (Win 7).

If IIS is turned on in your computer, you should install this patch to fix issues with it.

In order to download the patch go here.

Conclusion


As Microsoft has become mostly secure, people don’t worry much about the operating system. Also, if you have a third party antivirus application, your system should be secure. One other thing you should make sure is browsing secure websites and not downloading unknown data. Most of your computers have Windows Update service turned on and the system will automatically update all necessary Windows 8 security updates. If in case it is not enabled on your computer, you should download these patches.

[Image credit: bios-mods.com, SoftIcons]

Labels

Labels:

Popular posts from this blog

10 Worst Android Antivirus Apps You Can Get

By VJ
Are you careful about the security of your smartphone? For your Android device, Google Play store offers a number of antivirus apps. There are paid and free apps from professional companies like Avast!, Kaspersky, and Lookout, as well as free antivirus apps that install and work relatively faster. Among the security apps found on the Play Store, there are a number of free, lightweight ones, most of which enjoy a great number of downloads and high ratings. Most of the ratings are done by people who find the interface easy to use, but have no idea whether the app actually works or not. Many of us feel the app is great if the interface is cool, don’t we? It is painful to note that most of these free apps not only fail at most antivirus tests, but experts regard them to be incapable of detecting any threat. Last year, the latest mobile antivirus test report was published by AV-Test.org , in which they tested and rated the best and the worst antivirus programs among multiple platforms. ...
Read the full article »

Five Great Alternatives for iGoogle Home Page Portal

By VJ
Google’s popular home page service, iGoogle will be retired on November 1st, 2013. That’s a little over a year of managing your home page through this service. It came as a great disappointment to me since I had been using the service for a long time. I have a nice home page set up in iGoogle with news from BBC, CNN, and others; my calendar; a widget for time management; topic-specific news on technology, stock quotes, weather; and some other interesting stuff. It was a page that I woke up to for many days. It seems obvious that the popularity of home page services has been coming down in the recent years; another popular service in this arena, Netvibes has turned into something else entirely. I could have turned my attention to Netvibes after they retire iGoogle, but that won’t happen now. I will miss Google’s home page, and before that I want to find out another portal service that I could love as I do iGoogle. In search for one, I found these great services which can replace iG...
Read the full article »

Should Microsoft Consider Buying Nokia?

By VJ
In a recent talk between Microsoft and Nokia, the two companies contemplated a merger. WSJ reported the story  yesterday, and for quite a while, industry leaders have been cogitating on this move. Since 2011, Nokia has been in tie-up with Microsoft to use Windows Phone operating system on all of its major devices, notably the Nokia Lumia series ( Lumia 920 , 928 , etc). This has helped both companies in great ways. Here is an analysis as to whether the merger could pave way to success to these companies. Nokia Nokia, the Finnish smartphone maker, has been quite big in the market up until Android and iOS destroyed the stronghold of its Symbian OS. Nokia subsequently fell from the top and now has the tenth position in global smartphone market with about 2.8 percent of the market, according to research firm Gartner. Nokia lost its stock value considerably, and the strong stock, which some time in 2007 was trading at a peak rate of 40 dollars, now trades at around 3-4 dollars...
Read the full article »