Secured boot stops malicious code such as rootkits

Sep 13, 2011 16:11 GMT  ·  By

By now, the 8 seconds Windows 8 boot video demo is bound to be familiar to folks following the evolution of the next version of Windows, including Softpedia readers. What Microsoft did not reveal when it made the startup demonstration public is the fact that the amazing level of performance is achieved even despite new security enhancements introduced to the boot process.

Secured boot is a new feature which early adopters will be able to test in Windows 8 Developer Preview Build 8102 Milestone 3 (M3) – available for download this week.

Windows 8 secure boot is designed to make the OS more resilient to malicious code created especially to compromise computers even before Windows loads, such as rootkits.

“Secured boot stops malware in its tracks and makes Windows 8 significantly more resistant to low-level attacks. Even when a virus has made it onto your PC, Windows will authenticate boot components to prevent any attempt to start malware before the operating system is up and running,” the Redmond company explained.

“If the component isn’t correctly signed by Microsoft, Windows will begin remediation and start the Windows Recovery Environment, which will automatically try to fi x your operating system.”

But there are additional enhancements to the Windows 8 startup process, security-wise. According to the software giant the platform’s resilience to malware has been improved through the trusted boot-up process, set up to repair drivers and reinforce policies automatically.

And there’s even more. Windows 8 allows AntiMalware programs to load early on during boot so they can offer protection to users even before the operating system will complete the startup process.

“Measured boot Windows can further validate the boot process beyond Secured Boot. The startup processes are now signed, protected, and measured. They’re then stored in the TPM chip to prevent rootkit or malware infection,” Microsoft explained.

“For TPM-based systems, Windows 8 will perform a comprehensive chain of measurements during the boot process, called measured boot, which can be used to validate the boot process to prevent rootkits and other malware.”