The earliest session of the last day at TechEd Europe was all about malware prevention and removal. Chris Hallum, Senior Product Manager focusing on Windows Client Security, and Sunil Gottumukkala, Principal Program Manager Leader, talked about security improvements in Windows 8. They have made some bold claims about the fact that Windows 8 is infinitely more secure than Windows 7. I came away impressed.
1. Pre-Boot Early Launch Anti-Malware
There are varieties of rootkits and viruses around that load even before Windows and long before an Antivirus solution kicks in. In Windows 8, the ELAM (Early Launch Anti Malware) driver starts before ANY Windows boot loader is active and prevents malicious code from taking over. What's interesting with this is that this driver simply launches the currently installed (and compatible) anti-malware product, and that's not necessarily Microsoft's own AV engine (MSE a.k.a Windows Defender in Windows 8). According to Hallum, Microsoft has worked with the antivirus vendors to help them develop their own ELAM component. I expect names like Kaspersky or Symantec to be among the first to offer a dedicated Windows 8 ELAM component.
