JMH
Emeritus, Contributor
- Apr 2, 2012
If every computer had antivirus software running, life would be tough for bot herders and cyber crooks. Their ability to orchestrate spam campaigns and denial of service attacks relies on a plentiful supply of unprotected computers. Windows 8 will put the squeeze on those creeps. It has antivirus protection built right in, enabled by default if no other antivirus is present. But the new security features at the very deepest level may be even more significant. To understand what Windows 8 adds, we need to look back at the evolution of operating system security.
The Story So Far
COM file programs for the original MS-DOS were laughably insecure by modern standards. DOS simply copied the program byte for byte from disk into memory and started it running. It made no distinction between code and data, so a buffer overrun attack could easily force execution of arbitrary code. Early file-infector viruses simply appended their own code to the program's end and replaced the very first instruction with a jump to that code.
The EXE file format, still in use today, isn't quite as open to manipulation. It does distinguish between memory areas used for code and those used for data. Windows XP SP2 introduced Data Execution Protection, which ensures that a memory area marked as data will never be executed. (Note, though, that it's possible for a hardware backdoor attack to disable this feature.)
http://www.pcmag.com/article2/0,2817,2408016,00.asp