IT tutorials
 
Windows
 

Windows 8 : Automatic Updates as Security - Thwarting Exploits with DEP

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
3/5/2015 1:19:31 AM

The attacks of malware to thwart which exploit vulnerabilities of software is the most important element of the automatic updates. But Windows 8 offers a second manner of thwarting of such attacks. It has the prevention of execution of data called. You do not want to employ the department as alternate with other techniques described in the present part of the book. On the other hand, you want to employ it besides other techniques. (EPD)

Many attacks of malware employ a technique called overflow of shock absorber (or the overflowed shock absorber) to furtively leave the code (program instructions) in the sectors the memory that only the operating system (Windows) should employ. These sectors of memory have the direct access with all on your computer. So much any bad code which leaves furtively in this sector can make great damage.


More Security Tricks Up Its Sleeve
Some malware techniques rely on well-known memory locations to exploit system vulnerabilities. Windows 8 has a surprise for those programs, too. It does not load essential programs to well-known, predictable locations. Instead, it uses Address Space Layout Randomization (ASLR) to load things in a random location each time you start your computer. So malware writers can’t really know in advance where a particular exploit resides in memory, making it much more difficult to exploit those memory addresses.

Data Execution Prevention is a security antidote to such attacks. It monitors programs to make sure they use only safe and appropriate memory locations. If DEP notices a program trying to do anything sneaky, it shuts that program down before it can do any harm.

By default, DEP is enabled for essential Windows programs and services only. When coupled with antivirus protection, that setting is usually adequate. You can crank it up to monitor all programs and services. But if you do, you might also have to individually choose programs that are allowed to bypass DEP. Knowing when that’s okay may require technical expertise that goes beyond the scope of this book.

To get to options for DEP, follow these steps:

1. Open the System window. Or at the desktop, press Windows+X and choose System. You end up in the System window.
2. In the left column, click Advanced System Settings. That takes you to the System Properties dialog box.
3. Click the Advanced tab, click the Settings button on the Performance heading, and then click the Data Execution Prevention tab. At last, you see the options shown in Figure 1.

FIGURE 1 Data Execution Prevention options

image
4. By default, the option to apply DEP only to essential Windows programs and services is selected. For stronger protection, you can turn on DEP for all programs and services. If you choose that option, DEP may sometimes shut down a program to prevent it from running.

Note
Many modern processors offer NX technologies, which prevent buffer overflows at the hardware level. When buffer overflows do occur, Windows supports that hardware-based DEP. For processors that don’t have hardware DEP, Windows uses DEP software to achieve the same result.

If DEP does shut down a program you need, you have a couple of choices:

  • Contact the program manufacturer to find out whether there’s a version of the program that runs under DEP.
  • If you trust the program, you can add it to the list of programs that are allowed to bypass DEP. To accomplish that, you need to click the Add button and then navigate to and double-click the executable file (typically, such a file has the extension .exe) that DEP is shutting down.
 
Others
 
- Windows 8 : Automatic Updates as Security - Managing Updates (part 2) - Changing how updates work, Reviewing and removing updates
- Windows 8 : Automatic Updates as Security - Managing Updates (part 1) - Managing optional updates
- Windows 8 : Automatic Updates as Security - Enabling Automatic Updates
- Windows 8 : Automatic Updates as Security - Understanding Automatic Updates
- Windows 8 : File Maintenance Using the Open and Save As Dialog Boxes, Metadata and the File Explorer Property System
- Windows 8 : The Recycle Bin: Deleting and Recovering Files and Folders
- Windows 8 : Expert Drag-and-Drop Techniques, Taking Advantage of the Send To Command
- Windows 8 : Selecting Files with Check Boxes, Resolving File Transfer Conflicts
- Windows 8 : Navigating the Windows 8 Folder Windows (part 2) - Instant Search, The Ribbon, The Navigation Pane
- Windows 8 : Navigating the Windows 8 Folder Windows (part 1) - Folder Navigation
 
25 Inspiring Game of Thrones Quotes
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
programming4us programming4us
 
Popular tags
 
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS