本帖最后由 驭龙 于 2014-2-11 10:05 编辑
最近终于发现一点关于Windows Defender相关的信息,跟过一段时间的Windows 8.1 Update1有关,似乎是与cloud-enabled Provable PC Health (缩写为何是PPHC呢,难道是应该这样写Provable PC Health Cloud-Enabled),似乎Update 1中会给WD更新新的反恶意软件技术,不知道是真是假,我们拭目以待吧,下面是英文的原文。
The Windows 8.1 Update 1 might be released in April instead of March, according to a report published on Tuesday, a couple of days after the leak of a beta build showing changes in the update that would benefit users accustomed to the traditional, non-”Modern” PC environment. Meanwhile, it’s also conceivable that the performance of Microsoft’s built-in Defender anti-malware software will improve by then.
According to a report by ZDNet’s Mary Jo Foley, Microsoft now expects to release Update 1 on April 8 rather than the originally planned March 11, possibly because the earlier timetable was too ambitious.
Like March 11, April 8 is a “Patch Tuesday.” The release of Update 1 on April 8 would also make sense in that this date comes right after Microsoft’s Build developers conference in early April, where Microsoft is expected to talk up the update.
For her part, Foley also dismissed speculation that Update 1 will alter the start-up experience so that the desktop screen — as opposed to the Modern Start screen — would become the default fault-up screen.
However, those who downloaded the leaked build did see evidence of other previously rumored features. These include a new icon in the upper-left corner of Modern apps for splitting, minimizing, or closing the app; Power Down and Search tiles at the top right of the Modern screen; right-click contextual menus for tiles; and the ability to put icons for Windows Store apps on the desktop’s taskbar.
Windows_Defender Better Anti-Malware Security, Too?
Meanwhile, also this week, a Microsoft spokesperson revealed that, in an update in December, Microsoft added better analysis capabilities to the cloud-enabled Provable PC Health (PPHC), one of two components of new anti-malware technology introduced in Windows 8.1. PPHC is designed to work with a new behavior monitoring capability in Windows’ built-in Defender anti-virus software.
Microsoft is also “continuing to enhance the analysis notification services” in PPHC, the spokesperson said, in an email to TabletPCReview, a sister publication to NotebookReview. She gave no indication, though, as to when and how these services will be enhanced, or whether they might appear in Update 1.
Meanwhile, in tests conducted in November and December, Microsoft’s built-in Defender software continued to finish dead last against 24 third-party vendors in “real world protection” — or protection against new and unknown malware — and to finish somewhat below average in detecting the sorts of known malware that are already included in virus databases.
The new behavior monitoring capability is aimed at “detecting polymorphic and repackaged malware families based on familiar patterns of malicious behavior on the device,” the spokesperson said.
“Our end user goal of PPCH, as with Windows Defender, is to protect our customers with little or no user interaction and to leverage existing user workflows,” she added. “Therefore PPCH doesn’t include new user experiences and notification mechanisms. We leverage the existing infrastructure and enable them to surface new notifications and actions. For example, if an active keylogger were found and removed from the user’s PC, the notification would be presented to the user in the Action Center. In addition, the cloud could initiate an account remediation action like a password reset since the MSA would be at risk. If a more serious malware infection was detected by our cloud Service, we will send immediate signatures to the client which could also trigger a user notification for advanced remediation action. The protection enhancements are designed to be seamless with the current user’s experiences.”
Andreas Marx, CEO of AV-Test, conjectured that improvements to Microsoft’s anti-malware capabilities might show up with Update 1.
“We used the latest RC version, the RTM version and a fully-updated Windows 8.1 license for this test. In all three versions we reviewed, we can ‘see’ the traffic
which is generated by the anti-malware program in Windows 8.1 and whichis most likely related to the (potential malware) activities which are happening on the system. This means the cloud-based activity feature is definitely enabled and working,” he said in an email.
“We expect that Microsoft is now better able to track what’s going on, malware-wise, on an (infected) PC. However, when signatures are created/generated by the Microsoft anti-malware team, all users will benefit from them, as they are available and will be deployed to users of Security Essentials (on Windows XP, Vista and 7) as well as Windows Defender (on Windows 8 and 8.1),” he noted.
“What only Microsoft might be able to tell you is if they plan to further improve this feature in the Windows 8.1 Update which is scheduled for March/April 2014. We do not have access to a beta version yet (which was just leaked), so we cannot tell you more on ‘Provable PC Health’ yet.”
大谷歌的机器翻译(其中现代等于Modern界面)
在Windows 8.1更新1可能在四月发布的,而不是3月,根据的测试构建出变化更新,将有利于用户习惯于传统的,非“泄漏后,本周二公布,一两天的报告现代“的PC环境。同时,它也是可以想象的是微软的内置卫士防恶意软件的性能将提高到那时。
据报告ZDNet的玛丽·乔·弗利,微软目前预计发布时间1 4月8日,而不是原先计划的3月11日可能是因为早期的时间表过于雄心勃勃。
像3月11日4月8日是一个“补丁星期二”。更新1 4月8日发行也将是有意义的,经过正确的在四月初,微软有望谈起来更新微软的构建开发者大会这个日期来。
对于她来说,福莱也被驳回猜测更新1将改变开办经验,使桌面屏幕 - 而不是现代开始屏幕 - 将成为默认的故障画面。
然而,那些谁下载了泄露版本确实看到其他此前传闻的功能的证据。这些措施包括在分裂的现代应用程序的左上角一个新的图标,最小化或关闭应用程序;掉电搜索瓷砖在现代屏幕的右上角,右键单击上下文菜单砖;和能力把图标的Windows Store应用程序在桌面的任务栏上。
Windows_Defender更好的反恶意软件安全性,太?
同时,这也是本周,微软发言人透露,在12月的更新,微软增加了更好的分析能力,云计算功能的可证明电脑健康( PPHC )的在Windows 8.1引入了新的反恶意软件技术的两个组成部分之一。 PPHC的设计与Windows内置的后卫防病毒软件的新行为的监测工作能力。
微软还“继续加强分析服务的通知”中PPHC ,该发言人说,在一封电子邮件中向TabletPCReview ,一个姊妹刊物NotebookReview 。看不出她,不过,至于何时以及如何将这些服务将得到加强,或者它们是否可能出现在更新1 。
同时,在十一月和十二月进行的测试中,微软内置的后卫软件继续完成最后死对24第三方厂商在“现实世界保护” - 或防范新的和未知的恶意软件 - 并完成一定程度上低于平均水平检测在各种已知的恶意软件,已经包含在病毒库。
新的行为监控能力的目的是“多态的检测和重新包装的基础上熟悉的设备上的恶意行为模式的恶意软件家族, ”该发言人说。
“我们的最终用户PPCH的目标,与Windows Defender的,就是保护我们的客户,很少或没有用户交互,并充分利用现有的用户的工作流程, ”她补充说。 “因此PPCH不包括新的用户体验和通知机制。我们充分利用现有的基础设施,使他们能够浮现新的通知和行动。例如,如果一个活跃的键盘记录被发现,并从用户的PC中删除,该通知将提交于操作中心的用户。此外,云计算可以发起就像一张密码重设帐户整治行动以来, MSA将处于危险之中。如果更严重的恶意软件感染是由我们的云服务检测,我们将立即发送签名的客户端,这也引发对先进整治行动用户通知。保护增强功能被设计成无缝的与当前用户的体验。 “
安德烈亚斯·马克思, AV-test的首席执行官,推测改进微软的反恶意软件功能可能会显示与更新1 。
“我们使用了最新的RC版, RTM版和完全更新,本次测试的Windows 8.1的许可证。在我们审查了所有三个版本,我们可以“看见”交通
这是由在Windows 8.1和whichis最有可能与(潜在的恶意软件)活动,都发生在系统上的反恶意软件程序生成。这意味着基于云的业务功能肯定是启用和工作, “他在一封电子邮件中说。
“我们预计,微软现在能够更好地跟踪发生了什么事情,恶意软件,明智的,一(感染者)的电脑上。但是,创建签名时/由微软反恶意软件小组生成的,所有用户都将受益于他们,因为他们是可用的,将被部署到Security Essentials的用户(在Windows XP , Vista和7 ),以及Windows Defender的(在Windows 8和8.1 ) , “他说。
如果他们计划在预定2014年3月/ 4月为Windows 8.1更新,以进一步改善这一功能“是什么只有微软也许能告诉你的是。我们没有获得一个尚未测试版(这是刚刚泄露) ,所以我们不能告诉你更多关于“可证明电脑健康'呢。” |
发表于 2014-2-11 09:56:07
这是强化云响应和行为防护的节奏?
楼主
