Operating system security

Windows OS security brief history

Greg Belding
October 15, 2019 by
Greg Belding

Microsoft’s Windows operating system (OS) is possibly the most famous OS on Earth, and it is ubiquitous in the business world. But the Windows OS has also evolved since its first appearance, adding considerable security capabilities and features. 

This article will show a brief history of Windows OS security development and refinement since Windows 1. 

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Windows’ main weakness

Windows is loved by its users because it offers tremendous application availability. However, this strength is also its biggest weakness. By allowing an open approach toward applications, Windows also exposes itself to malware more often than other operating systems. 

Windows 1 — Windows 9X (1983-1996)

Windows 1 was the first version of Windows OS and was released on November 20, 1985. This version of Windows didn’t come with OS security. In fact, Windows 1 through Windows 9x didn’t have OS security systems. They had rudimentary logon security (which did not store passwords in the OS) and very limited logging capabilities.

A major limitation to early Windows OS versions (and MS-DOS) was the fact that the file system they used was File Allocation Table (FAT). While considered a robust file system for early OSes, it was intended for smaller drives and for simplistic folder hierarchies. FAT used no security measures, meaning it was easy to access, modify and delete information stored using this system.

Security issues were compounded by the fact that 16-bit Windows OS versions were practically impossible to update without expanding to 32-bit. The now-ubiquitous and frequent Windows security update didn’t exist in the early days of Windows. On top of all of that, the early Windows versions didn’t allow multiple users, so every user of a shared computer used the same login credentials. 

Windows NT

This version of Windows OS was a watershed moment for Microsoft in terms of OS security. Windows NT was the first security-minded Windows OS and used the New Technology File System (NTFS) as a filing system. NTFS offered considerable improvements over FAT, including:

  • NTFS offers longer file and folder names. FAT32 (32-bit) only offers up to 11 characters, while NTFS offers up to 255
  • NTFS offers greater object security by storing file access rights
  • NTFS logs every time it writes information (crucial for security audits)
  • Encryption

Windows 2000

Windows 2000 introduced Data Protection Application Programming Interface (DPAPI). This built-in component allowed for asymmetric encryption of private keys.

Windows XP

The next major OS security facelift for Windows OS came with Windows XP in 2001. Sold as Microsoft’s most secure OS ever, Windows XP ended up becoming the most patched because of its widespread use. Among the security improvements in Windows XP were:

  • AutoPlay: Allows the OS to identify when removable media was inserted
  • Improved DPAPI security by using a SHA1 hash of the Master Key Password
  • Password Reset Wizard: Uses a password reset disk
  • Credential manager: Stores user credentials for user accounts
  • Introduction of Windows Security Center: Continually monitors security and services
  • Improved encryption capabilities

Windows Vista

Released in 2007, Windows Vista continued the tradition of improving security by introducing the following new OS security capabilities:

  • User Account Control (UAC): This security control feature helps to ensure that unauthorized OS changes are not made without administrator approval
  • Windows Defender: This in-built anti-spyware solution protects the OS from unwanted or rogue software by blocking it and when needed, removing it
  • BitLocker: Windows encryption feature

Windows 7

Windows 7 debuted with the following security improvements:

  • Data Execution Prevention (DEP): This security technique marks data pages as non-executable stopping attackers from injecting code
  • Address Space Layout Randomization (ASLR): Randomizes memory addresses, making it harder to carry out memory-based attacks
  • Improved cryptography
  • Enhanced BitLocker capabilities

Windows 8

The security changes in Windows 8 were mostly hardware-based. One OS-based security change was the addition of AppContainer. Enabled by a new integrity level that stops read and write access to higher integrity items, AppContainer was an improvement over previous versions of Windows that allowed low-integrity applications to access medium- and high-integrity objects. AppContainer enriched the OS’s overall security landscape.

Windows 10

Released in 2015, Windows 10 is the latest of the Windows OSs, and comes with:

  • Windows Defender Credential Guard: This new Windows Defender capability isolates credentials and only allows privileged system software to access them, making it harder to attack the OS
  • Improved security baseline by enabling svchost.exe

Learn Windows 10 Host Security

Learn Windows 10 Host Security

Build your Windows skills with 13 courses covering Windows registry, services, processes, toolset and more.

Conclusion

At its start, the Windows OS wasn’t known for security. Starting in Windows NT, with its NTFS file system, Windows has grown into a reliably secure OS. 

Windows does still leave itself open to more attacks by allowing the open development and use of third-party applications. With every update though, more security decisions are being made default, making every Windows system more secure. 

Sources

Greg Belding
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.