Dropbox For Windows 8.1 64 Bit

Almost new PCs have been shipping with the 64-bit version of Windows — both Windows 7 and 8 — for years now. 64-bit flake versions of Windows aren't only about taking advantage of additional memory. They're likewise more secure than 32-chip versions.

64-bit operating systems aren't immune to malware, but they do have more than security features. Some of this likewise applies to 64-bit versions of other operating systems, such as Linux. Linux users will gain security advantages by switching to a 64-bit version of their Linux distribution.

Accost Space Layout Randomization

ASLR is a security feature that causes a program's data locations to be randomly bundled in retentivity. Before ASLR, a program'due south data locations in retentiveness could exist predictable, which made attacks on a plan much easier. With ASLR, an attacker has to guess the right location in retention when trying to exploit a vulnerability in a program. An incorrect guess may issue in the program crashing, so the assaulter won't be able to attempt again.

This security characteristic is also used on 32-bit versions of Windows and other operating systems, but it's much more than powerful on 64-scrap versions of Windows. A 64-bit organisation has a much larger accost space than a 32-chip organisation, making ASLR that much more effective.

Mandatory Driver Signing

The 64-fleck version of Windows enforces mandatory driver signing. All commuter code on the system must have a digital signature. This includes kernel-fashion devices drivers and user-mode drivers, such every bit printer drivers.

Mandatory driver signing prevents unsigned drivers provided by malware from running on the arrangement. Malware authors volition have to somehow featherbed the signing procedure through a kicking-time rootkit or manage to sign the infected drivers with a valid document stolen from a legitimate driver developer. This makes information technology more difficult for infected drivers to run on the system.

Commuter signing could also be enforced on 32-bit versions of Windows, simply it isn't — likely for continued compatibility with onetime 32-chip drivers that may not have been signed.

To disable driver signing during evolution on 64-bit editions of Windows, yous would take to attach a kernel debugger or use a special startup option that doesn't persist across system reboots.

Kernel Patch Protection

KPP, likewise known as PatchGuard, is a security feature merely found on 64-bit versions of Windows. PatchGuard prevents software, even drivers running in kernel-mode, from patching the Windows kernel. This has always been unsupported, merely it's technically possible on 32-fleck versions of Windows. Some 32-scrap antivirus programs accept implemented their antivirus protection measures using kernel patching.

PatchGuard prevents device drivers from patching the kernel. For instance, PatchGuard prevents rootkits from modifying the Windows kernel to embed themselves in the operating system. If an attempt at kernel patching is detected, Windows will immediately shut downwards with a blue screen or reboot.

This protection could exist put into place on the 32-flake version of Windows, but it hasn't been — likely for continued compatibility with legacy 32-chip software that depends on this access.

Data Execution Protection

DEP allows an operating system to marking certain areas of memory as "non-executable" by setting an "NX bit." Areas of memory that are supposed to hold information only will not be executable.

For example, on a system without DEP, an attacker could use some sort of buffer overflow to write code into a region of an application'south retentiveness. This code could then exist executed. With DEP, the assailant could write code into a region of the application'south retentivity — just this region would be marked as not-executable and could not exist executed, which would stop the attack.

64-bit operating systems have hardware-based DEP. While this is also supported on 32-scrap versions of Windows if you accept a modern CPU, the default settings are more stringent and DEP is always enabled for 64-chip programs, while it'due south disabled past default for 32-bit programs for compatibility reasons.

The DEP configuration dialog in Windows is a flake misleading. As Microsoft'southward documentation states, DEP is always used for all 64-flake processes:

"Organization DEP configuration settings apply only for 32-bit applications and processes when running on 32-bit or 64-bit versions of Windows. On 64-bit versions of Windows, if hardware-enforced DEP is bachelor it is always applied to 64-bit processes and kernel memory spaces and there are no system configuration settings to disable it."

WOW64

64-flake versions of Windows run 32-bit Windows software, just they do it through a compatibility layer known equally WOW64 (Windows 32-flake on Windows 64-bit). This compatibility layer enforces some restrictions on these 32-flake programs, which may prevent 32-bit malware from functioning properly. 32-fleck malware will also exist unable run in kernel mode — simply 64-bit programs can do that on a 64-fleck OS — so this may forestall some older 32-bit malware from functioning properly. For instance, if you have an old sound CD with the Sony rootkit on it, information technology won't exist capable of installing itself on a 64-bit version of Windows.

64-bit versions of Windows as well drib support for old 16-bit programs. In add-on to preventing ancient 16-bit viruses from executing, this will too force companies to upgrade their ancient 16-chip programs that could be vulnerable and unpatched.

Given how widespread 64-bit versions of Windows at present are, new malware will probable exist capable of running on 64-bit Windows. However, the lack of compatibility can assist protect confronting erstwhile malware in the wild.

Unless you use creaky sometime sixteen-flake programs, ancient hardware that only offers 32-bit drivers, or a computer with a fairly old 32-bit CPU, you lot should be using the 64-bit version of Windows. If you lot're not certain which version you're using but you accept a modernistic computer running Windows 7 or 8, you're likely using the 64-fleck edition.

Of form, none of these security features is foolproof, and a 64-chip version of Windows is still vulnerable to malware. All the same, 64-scrap versions of Windows are definitely more secure.

Image Credit: William Claw on Flickr