Microsoft's newest upcoming operating system, Windows 8, is said to contain more security features, making it harder for malware to infect the system, says these reports (1) (2).
For instance, one difference between Windows 7 and 8 is including more exploit-mitigation technologies. In that regard, two programs, the Windows Heap Manager and Windows Kernel Pool Allocator will make it far harder for attackers to exploit buffer-overflow vulnerabilities.
There will be a 'security sandbox' for Windows 8. This more restrictive security sandbox will contain the new Windows 8 Apps. This is a mechanism to prevent programs from performing disruptive actions.
The new App Container provides the operating system with a way to make more fine-grained decisions on what actions certain applications can perform. All apps run with extremely low privileges and have limited access to resources.
There will be a measured boot. In Windows 8, Microsoft will put in a new boot process signature whereby there is a signature of the entire boot process and stored in the TPM chip in order to prevent malware from infecting the system.
An update to Windows Defender will be in Windows 8. Instead of it being a spyware/adware program, it is a full-blown anti virus. The interface is questionable, it looks just like Microsoft Security Essentials on Windows XP, Vista, and 7.
Internet Explorer 10
The new version of IE 10 will be put into Windows 8. All tabs and IE processes are isolated from one another. Something in tab 1 couldn’t tamper with tab 2 or capture any of the data.
While these security features do sound good, we won't know how good they are until Windows 8 is under the wrath of malware authors.