5. Security Issues
2. System Specifications
3. Product Overview
5. Security Issues
6. Gaming Experience
7. Availability And Price
8. Windows Installation
9. Drivers Installation
10. Test System
11. Game Benchmarks - Far Cry
12. Game Benchmarks - Colin McRae 2005
13. Game Benchmarks - Half Life 2
14. Application Benchmarks - 3DMark2003
15. Application Benchmarks - 3DMark2005
16. Application Benchmarks - PCMark04
17. Application Benchmarks - SiSoftware Sandra 2004
18. Application Benchmarks - Science Mark 2
19. Application Benchmarks - Pov-Ray
21. Drivers Availability
22. Programs that are not supported
What about security with the new Windows? What are the differences from the previous Windows?
An important new feature in the x64 processor architecture is the Data Execution Protection (DEP) bit that controls which areas of memory can be used to execute code. While AMD and Intel have different names and slightly different implementations for this feature, the result is an enhanced layer of hardware protection against some of the most destructive worms and exploits of the past several years.
Data Execution Protection
Beginning with Windows XP Service Pack 2 (SP2) and continuing with Windows Server 2003 SP1 and Windows XP Professional x64 Edition, Windows uses DEP to prevent malicious code from being able to execute, even when a buffer overrun occurs. Even without a processor that supports DEP in hardware, Windows is able to detect code running from memory locations that it should not.
With the introduction of x64 processors, both AMD and Intel added hardware support for DEP. The processor sets the No Execute bit (for AMD processors) or the Execute Disable bit (for Intel processors) on all entries in the memory address table that are for data only and should not be executed. If code attempts to execute from within an area of memory marked as data only, Windows will raise a status access violation exception and terminate the process.
While DEP is by no means a substitute for a well-designed and implemented anti-virus and anti-malware deployment in any organization, it is an important additional layer of protection that would have prevented the spread of the MSBlaster worm had it been widely implemented at the time.
The x64 versions of Windows also support Microsoft's PatchGuard technology that prevents non-Microsoft originated programs from patching the Windows kernel. This technology, available only on Windows x64 Editions, prevents kernel mode drivers from extending or replacing kernel services including system service dispatch tables, the interrupt descriptor table (IDT), and the global descriptor table (GDT). Third-party software is also prevented from allocating kernel stacks or patching any part of the kernel.