December 1, 2013 | Dubai | Press Releases

Unraveling Windows 8.1 Security: Should You Upgrade?

Microsoft Windows remains the operating system (OS) of choice for businesses and home users alike with a dominant 90.65% share of the OS market[1]. And while Windows 7 is currently the top operating system, the end of life cycle for Windows XP, slated for April 2014, will no doubt drive the adoption of Microsoft's newest OS. This is good news for the company which recently released Windows 8.1- but what does this mean for business and home users?


Upgrading to a new operating system poses its fair share of challenges- new interfaces, software compatibility concerns and the inevitable learning curve. But perhaps most important of these is security as ESET's Virus Radar, which monitors virus infection rates across the globe, has found that 11.45% of computers in the Middle East are infected by malware. Focusing on security, let's now peel the wrapping off the newly launched Window 8.1 platform and take a look at some of the key features that both businesses and consumers should be aware about.


Defender of the Realm, Revisited

For Windows 8.0, Microsoft re-badged its Microsoft Security Essentials product, renaming it as Windows Defender, creating a new modern user interface, introducing drivers for Early Launch Anti-Malware support and bundling it into the operating system. While Windows 8.1's Windows Defender does not have as many changes as its predecessor, it does contain some new and improved functionality.


·       Windows 8.1’s Windows Defender now implements an intrusion detection system (IDS) at the network level to continuously monitor the connections and identify potentially malicious behavior patterns. In this respect, the software behaves like a classic virus scanner, except that instead of scanning files it now scans network traffic.

·       Similarly, Windows Defender adds another technology to Windows Defender 8.1 at the operating system level: its Host Intrusion Prevention System, or HIPS, which allows it to monitor system memory, the registry and file system for malicious activity.


·      Another new addition is that ActiveX controls downloaded by Internet Explorer are now scanned automatically before execution.



While none of these announcements address novel technologies, all of these steps mean additional layers of protection for users of Windows 8.1, and that is definitely a good practice from a security perspective.

Evolutionary encryption

File system level encryption is not a new feature to Windows with previous version of the OS having encryption capabilities inbuilt. Regardless of which encryption technology or technologies were being used, though, there has always one feature that has remained constant, and that is that they have always had to be enabled by the person managing the computer.


With Windows 8.1, however, Microsoft has introduced pervasive Device Encryption. It means that if the PC’s hardware supports it, all disks will automatically be encrypted. To simplify key management, a backup copy of the recovery key for the system is either stored in the Active Directory Domain Services if the user account is a domain account, or "in the cloud" on SkyDrive if the user account is Microsoft Account.


With device theft a continuing issue for businesses, institutions and any organization with portable devices, encryption has become a topic at the forefront of most IT departments’ radar and budgets. Having encryption integrated at the operating system level and managed using familiar existing tools will greatly reduce the administrative overhead for IT managers. However, only the newest systems are capable of taking advantage of this technology.


Putting a finger (print) on it

One of the biggest changes to Windows 8.1 is its improved support for reading fingerprints. While fingerprint readers have been a staple of business laptops for over a decade now, they have never been used to the same extent in the consumer space. This is probably due to the increased device cost in the more price-sensitive consumer market.

But Windows 8.1 has made it much easier for developers to take advantage of fingerprint reading technology. By handling the scanning of fingerprints to register them within the system, as well as extending their management within the operating system, Microsoft has made it easier for both hardware manufacturers and third-party software developers to develop usage scenarios and applications around fingerprint registration that go beyond simply authenticating a person at login.

 It should be noted, though, that for high security applications and environments, a single form of authentication - no matter how secure - should not be used solely to provide access. A scan of a fingerprint could be coupled with entering a password, passphrase or with another access device such as a smartcard or access token in order to authenticate the user.


So, Should Users Upgrade to Windows 8.1?

With its list of new features that go beyond those mentioned above, Windows 8.1 is more than a service pack when it comes to improving security. That does not, however, answer the question of whether all users of Windows 8.0 should adopt Windows 8.1. From a strictly security-based perspective, the answer is yes, users should upgrade, however, there are also some important factors to consider, which means that an upgrade may not suit everyone.

First, there are some additional hardware requirements in Windows 8.1 over the previous Windows 8.0.  For users with older computers, it may be time to purchase a new computer, as opposed to trying to run Windows 8.1 on their existing systems. That, or users could remain on Windows 8.0, which will be supported until 2015. They could also chose to install the 32-bit version of Windows 8.1, which does not have new hardware requirements requirements. Alternatively, some users may even choose to downgrade to Windows 7, which will be supported until 2020.

Businesses in particular might have concerns with Microsoft's pervasive drive encryption technology that will potentially store decryption keys for users' drives in their SkyDrive accounts. Microsoft, like other businesses, has to respond to legal requests from law enforcement agencies for access to things like user accounts. If this includes the decryption keys for the computers' hard disk drives, then it raises red flag for privacy.


On the face of it, Windows 8.1 seems to be a worthwhile upgrade from Windows 8. The good news for users too is that Microsoft Windows 8 handles upgrades much better than previous versions of Windows, and Microsoft provides excellent advice and instructions throughout the upgrade process. 

The improvements to biometrics, manageability and, yes, even Windows Defender make it an obvious choice. However, there are potential privacy concerns, as well as potential hardware compatibility issues as well. If business and home users can verify that these are non-issues, Windows 8.1 is a useful and meaningful upgrade.