Microsoft’s director of program management at Windows enterprise and security, Rob Lefferts, recently delved into the added security benefits provided by the current public release of Windows 10 and detailed several security features coming with the Anniversary Update due in August.
He emphasised the importance of Windows 10’s platform architecture, pre and post-breach defense, and identity and information protection. “Hardware based isolation, with Virtualization Based Security (VBS), is one of the key ways we’ve hardened against attacks with Windows 10,” Lefferts explains. “With Windows 10, this secure execution environment powered some of our most impactful security features, including Virtual TPM, Device Guard and Credential Guard. Credential Guard has proven so impactful that customers have told us that it’s their top-priority security feature and a benefit that is so compelling that it justifies the Windows 10 deployment all by itself.”
VBS essentially compartmentalizes different sections of the operating system and other data so as to minimize the effects of a security breach. Instead of all the data being accessed or corrupted, ideally, only the data in the immediate area is affected. This will be further expanded with the Windows 10 Anniversary Update which will incorporate Windows Hello’s biometrics validation components and the user’s biometric data into the sections that are secured by this method.
Lefferts also praised Microsoft Edge’s improved security and called out the following security features:
- The use of our AppContainer sandboxing technology enables us to isolate the browser from the rest of the OS, apps and user data.
- A new plug-in model prevents plug-ins implemented with insecure designs from running.
- New mitigations in ASLR and Control Flow Guard harden the browser from code injection and memory corruption attacks to help defeat common exploit techniques, such as heap spraying and ROP.
- Untrusted and malicious fonts that were served by web pages and embedded in docs are now blocked and the font parsing code has been sandboxed.
“The impacts of these improvements has been profound,” Lefferts claims. “At this point we have no evidence of vulnerabilities that have been discovered in Microsoft Edge being successfully exploited in the wild which is due in part because of new improvements.”
Microsoft Edge’s security features will continue to evolve with the Anniversary Update. Lefferts elaborates, “First, we’re isolating Flash outside of the browser so that attacks that target Flash vulnerabilities can be contained and are less likely to impact the browser and the rest of the system. Second, we’ve dramatically limited the surface area of attack within Microsoft Edge and Internet Explorer by restricting its access to non-critical Windows subsystems.”
Microsoft has been promoting the security of their new web browser since before its launch last year and it’s an aspect of Edge that continues to evolve. Another program that launched with Windows 10 was the improved anti-malware program, Windows Defender, which will has been “improved substantially in the Windows 10 Anniversary Update,” says Lefferts. “The fruits of this ongoing multi-year effort are now becoming visible within the industry AV comparison tests where we’ve seen Windows Defender scores improve substantially over the last 12 months improving to 99.8% detection in prevalence testing in April 2016 – a more than 11 percent improvement year over year.”
The Windows 10 Anniversary Update will begin rolling out on August 2nd and will bring with it improvements for other Windows 10 features such as Cortana and Xbox in addition to the added security mentioned above. Have you updated to the latest version of Windows 10 yet? Let us know your status in the comments below.Further reading: Cybersecurity, Microsoft, Windows 10, Windows 10 Anniversary Update