Viruses and other malware can infiltrate operating systems through malicious websites, infected email messages, and drive-by downloads. Cyber criminals employ various deceptive methods to proliferate their rogue programs, and it is often difficult to determine the cause of an infection. New malware samples are released every day, which can cause problems for computer users. Today, the Internet is flooded with exploit kits that distribute Trojans, key-loggers, fake antivirus programs, ransomware, and so on. Computer users wishing to protect their operating systems from this malware should keep Windows and their installed programs updated. Moreover, PC users should use legitimate antivirus programs. Whilst these two rules (updating software and using antivirus programs) seem straightforward, many computer users ignore them, and this leads to serious security infections.
The good news is that the new operating system from Microsoft (Windows 8) incorporates a built-in antivirus program called 'Windows Defender'. This protection contains an antivirus suite, Early Launch Anti-Malware (ELAM), Unified Extensible Firmware Interface (UEFI), together with Secure Boot and Bootkit Detection.
First, a closer look at ELAM, UEFI, Secure Boot and Bootkit Detection.
UEFI & Secure Boot
In Windows 8, Microsoft has replaced BIOS (Basic Input Output System) with the Unified Extensible Firmware Interface. Secure Boot, as a part of UEFI, allows the security policy to be loaded before the OS (operating system). A BIOS would not allow this.
Bootkit detection is also related to UEFI, or more specifically to Secure Boot itself. It is a way to confront low-level malware, known as a 'bootkit', which loads before the OS. This is a new feature, not implemented in older versions of Windows.
Early Launch Anti-Malware
There is a type of malware that loads immediately after the OS and before any other installed applications. For this reason, some antivirus suites cannot deal with it: they simply do not load early enough to prevent the infection. ELAM is a way to handle this. It is a boot-start driver that loads before any other program, and it is implemented within Windows 8 by default. If you have third-party software installed that provides this feature, you can use it instead of the Windows default.
Windows Defender is a free Windows 8 antivirus program installed together with the OS. It allows users to keep their computers protected even if they have no third-party antivirus suite installed. If you do install a third-party antivirus program, 'Windows Defender' will no longer be active.
Here is a closer look at Windows Defender:
Navigate to the Start menu and type 'defender'. The search results will automatically appear with Windows Defender listed.
If you are opening it for the first time, you may be asked to download updates.
One of the options handles suspicious files that have been quarantined. As in other antivirus programs, you can allow the use of the files by making an exception in the list.
'Settings' allows you to configure Windows Defender.
One of the most important and useful options is 'computer scan'. There are three different scan options to choose from. Scanning your computer on a regular basis can dramatically decrease the risk of security infections.
Windows Defender does not make heavy use of computer resources, and thus, users can perform other tasks while scanning their computers.
The Windows Defender security scan is fast. Using the quick scan option, our test machine was scanned in less than 2 minutes.
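The checks below are an added example, not part of the original article: a PowerShell function that reports whether the protections described above (Secure Boot, the ELAM driver policy and Windows Defender) are active on a machine. It assumes an elevated PowerShell 3.0 or later session and that the Defender cmdlets are installed; the function name Get-BootProtectionReport is hypothetical.

```powershell
# Added example: audit Secure Boot, the ELAM policy and Windows Defender.
# Run from an elevated prompt. Get-BootProtectionReport is a hypothetical name.
function Get-BootProtectionReport {
    $report = [ordered]@{}

    # Secure Boot: the cmdlet returns $true/$false on UEFI firmware and
    # throws PlatformNotSupportedException on legacy BIOS systems.
    try {
        $report.SecureBoot = if (Confirm-SecureBootUEFI -ErrorAction Stop) { 'Enabled' } else { 'Disabled' }
    } catch [System.PlatformNotSupportedException] {
        $report.SecureBoot = 'Not supported (legacy BIOS boot)'
    } catch {
        $report.SecureBoot = "Unknown: $($_.Exception.Message)"
    }

    # ELAM: which boot-start drivers Windows may initialise, based on the
    # classification returned by the early-launch anti-malware driver.
    $policyNames = @{
        8 = 'Good only'
        1 = 'Good and unknown'
        3 = 'Good, unknown, and bad but critical'
        7 = 'All, including known bad'
    }
    $report.ElamDriverLoadPolicy = 'Not set (Windows default applies)'
    foreach ($key in 'Policies', 'Control') {
        $path = "HKLM:\SYSTEM\CurrentControlSet\$key\EarlyLaunch"
        $value = (Get-ItemProperty -Path $path -ErrorAction SilentlyContinue).DriverLoadPolicy
        if ($null -ne $value) {
            $report.ElamDriverLoadPolicy = $policyNames[[int]$value]
            break
        }
    }

    # Windows Defender: disabled or unavailable when a third-party
    # antivirus product has taken over.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        $report.DefenderAntivirus  = $mp.AntivirusEnabled
        $report.RealTimeProtection = $mp.RealTimeProtectionEnabled
        $report.SignatureAgeDays   = $mp.AntivirusSignatureAge
        $report.QuickScanAgeDays   = $mp.QuickScanAge
    } catch {
        $report.DefenderAntivirus = "Unavailable: $($_.Exception.Message)"
    }

    [pscustomobject]$report
}

Get-BootProtectionReport | Format-List
```

A disabled Secure Boot entry, an ELAM policy of 7, or a large signature age are the findings worth following up.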
This built-in antivirus program makes Windows 8 the most secure operating system released by Microsoft. Whilst some computer users are tech-savvy and aware of security infections when browsing the Internet, many PC users do not use any security programs, thus presenting an easy target for cyber criminals. Having an antivirus program installed in Windows by default certainly decreases the risk of users' computers becoming infected with malware and viruses.