TrainACE - IT and Cybersecurity Training Blog

Security & Hacking Vulnerabilities in Windows 8

[fa icon="calendar"] Nov 15, 2013 10:34:55 AM / by The TrainACE Team

When Windows 8 debuted, it brought along a completely new interface, updated platform, and transformed user experience.

But Windows 8 also brought along something that wasn’t intended to be included in its debut—that being a host of security vulnerabilities and threats.

Since its release, users and security researchers have reported a slew of issues that have plagued the operating system. Password protection is weak, unnecessary features are automatically enabled, and internet browsing while using Adobe Flash makes the system vulnerable to hackers. While many of these issues can be fixed by installing security patches or third-party software, the fact that Windows 8 users have to upgrade their own security in order to defend their PCs has made Windows 8 look pretty weak where security is concerned. For many users who don’t keep up with tech news or lack knowledge about upgrading security systems, this can be a big issue. A lot of people who purchase PCs do so to use them on a recreational basis, and many do not know about the ins and outs of malware protection and defense.

Though stronger memory allocations and kernel controls are said to enhance security on Windows 8, it is apparent that problems still remain. Windows is a strong name, but don’t forget that malware development is always a step ahead of security measures, so it pays to be vigilant regardless of the hype.

Precautions When Using Windows 8

If you're currently using Windows 8, there are some malware precautions you should take, such as enabling BitLocker, which isn't activated by default. BitLocker will help to defend your system against at least a few threats, but be aware that BitLocker is not difficult to crack with the Passware Kit Forensic.

Picture gesture authentication (PGA) or "picture passwords" were introduced in Windows 8 because Microsoft thought users would find them fun. However, according to Arizona State University and Delaware State University researchers, these gesture-based passwords are very easy to hack. The researchers found that hackers were able to crack almost 50 percent of the picture passwords contained in their sample. Windows 8 picture passwords are created by selecting a photo and then drawing three points on the image. The photo has 100 by 100 grids, and users select three points on the photo to use as coordinates. However, because most users choose coordinate points located on the face or near the eyes, these points are very easy for hackers to figure out. It’s recommended that users opt to use a traditional text-based password, instead of these potentially faulty picture ones.

Additionally, Windows 8 has many features enabled that may potentially put users at risk. For instance, automatic social sharing, cached login credentials, and the ability for a user (or attacker) to shut down the system without logging on. Users should check these settings to make sure that they aren’t oversharing inappropriately.

Furthermore, researchers have also detected a flaw in Flash on Windows 8 while browsing in Internet Explorer 10. The flaw makes the system vulnerable to a bug that makes Flash go down while hackers take over the system. A security patch has been recently issued by Microsoft, but users must install it themselves. Without the patch, user data can easily fall victim to malicious hackers.


Addressing Issues in Windows 8

Recently, Microsoft released Windows 8.1, the first major update to the Windows 8 operating system, in order to correct many of the issues that plagued the Windows 8 operating system. It is important to note, that whether using Windows 8 or Windows 8.1, it is crucial to remain cautious of potential security vulnerabilities and threats, which always remain.

Topics: Cisco, Cybersecurity, Malware, Microsoft, Ethical Hacking

The TrainACE Team

Written by The TrainACE Team

Need IT Certifications?
Want more info?

Call (301) 220-2802

Speak with a Program Manager