Windows 8 and 8.1 give malicious code the boot


The following article needs some updating regarding today’s quality antimalware products, which have new protections that work with Windows 8 and 8.1.

Windows 8.1 gives malicious code the boot(s) (TechRepublic)
The Windows operating system has a number of security controls, and most users have some sort of anti-malware security suite installed on their …
http://www.techrepublic.com/article/windows-81-gives-malicious-code-the-boots/

FOLLOW UP:

Threats/infections that launch before the system:

Rootkit (definition) http://en.wikipedia.org/wiki/Rootkit

Bootkits http://en.wikipedia.org/wiki/Bootkit#bootkit
A kernel-mode rootkit variant called a bootkit can infect startup code like the Master Boot Record (MBR), Volume Boot Record (VBR) or boot sector, and in this way, can be used to attack full disk encryption systems. An example is the “Evil Maid Attack”, in which an attacker installs a bootkit on an unattended computer, replacing the legitimate boot loader with one under his control.  Typically the malware loader persists through the transition to protected mode when the kernel has loaded, and is thus able to subvert the kernel. For example, the “Stoned Bootkit” subverts the system by using a compromised boot loader to intercept encryption keys and passwords. More recently, the Alureon rootkit has successfully subverted the requirement for 64-bit kernel-mode driver signing in Windows 7 by modifying the master boot record.

Today’s quality Antimalware products:

Early Launch Anti-Malware http://www.techopedia.com/definition/29079/early-launch-anti-malware-elam-windows-8?utm_source=tod_newsletter&utm_medium=email&utm_content=tod_more&utm_campaign=newsletter
What does it mean?
Early Launch Anti-Malware (ELAM) is a Windows 8 security technology that evaluates non-Microsoft Windows boot time device/application drivers for malicious code. It is the first system kernel driver that starts in Windows 8 operating mode, before any third party software or driver.

Techopedia Explains
As a component of Secure Boot – also introduced in Windows 8 – ELAM is a detection driver used to identify malware, root kits or other malicious code/drivers initiated at system …

(Note: newer technology for Windows 8 in antimalware (antivirus plus antispyware). Some additional links:)

Windows 8 Early Launch Anti-Malware from Third-Party AV Vendors http://news.softpedia.com/news/Windows-8-Early-Launch-Anti-Malware-from-Third-Party-AV-Vendors-226789.shtml

Managing early launch anti-malware (ELAM) detections http://www.symantec.com/business/support/index?page=content&id=HOWTO81107

Windows 8 ELAM: too late, too little! http://www.virusbtn.com/conference/vb2012/abstracts/KulkarniJagdale.xml

How to configure Early Launch Anti-Malware Protection in Windows 8 http://www.bleepingcomputer.com/tutorials/configure-early-launch-antimalware-protection/

How to disable Early Launch Anti-Malware Protection http://www.bleepingcomputer.com/tutorials/disable-early-launch-antimalware-protection/

Understanding Early Launch Anti-Malware (ELAM) technology in Windows 8 http://www.thewindowsclub.com/earlylaunch-antimalware-elam-technology-windows-8

[Hot Fix] B0006 – The Early Launch Anti-Malware of Titanium 2013 does not load properly http://esupport.trendmicro.com/solution/en-US/1095123.aspx

Windows 8: Trusted Boot: Secure Boot – Measured Boot http://blogs.msdn.com/b/olivnie/archive/2013/01/09/windows-8-trusted-boot-secure-boot-measured-boot.aspx

-- 
SENDER: gerald309 -- 
Have A Safe Computing Day!
Webmaster: Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005