Are Microsoft actually taking security seriously this time around?
Windows has had plenty of problems with hackers because it was (and still is) the most popular operating system on the planet–but times have changed. Windows is still viciously popular, and is still the most commonly used operating system for desktop devices, but hackers have different priorities these days.
As a hacker, why bother trying to break into the ever updating Windows system to gain access to a company’s systems when their employees will click a hacker’s links in Twitter? Why hack a Windows computer to get financial information, when hackers can crack your PayPal or Skrill passwords and wire themselves as much money as they like? The answers to people’s secret questions for their bank accounts can be found by the information they have added to Facebook, and people will happily download unchecked and free apps to their phones.
There are so many ways to gain access to a person’s devices, to steal their information, and to steal their identity, that it seems far less resourceful trying to break into their Windows operating system. Whilst there is of course still some worth to a Windows hack, it now seems almost inconvenient when there are so many other ways to attack a company.
With all this in mind, does Microsoft actually now care about security? Whilst they have spent previous years with a far larger target on their backs, it would now appear so with the latest Windows launch (which we have discussed in a previous blog post). Here are a few security features that Microsoft say will significantly improve your device and internet security:
1. Device Guard: Zero-Day Defense
Microsoft is staying ahead of zero-day attackers with their Device Guard. It blocks zero-day attacks by firstly vetting applications that are trying to access Windows 10 networks or machines. A company may set the Device Guard to be as aggressive as they desire to block executable and script based malware while AV will continues to cover areas where Device Guard doesn’t, such as JIT based apps and macros within documents.
2. Windows Hello
So much is said about how passwords are cardboard tigers, that things such as biometrics are gaining more and more popularity. People are nervous about giving the government things to identify them, and yet people are willing to let their technology use their face, finger or iris as a password alternative. Windows 10 has all the software ingredients needed for biometric scanning, though they are relying on OEM partners to build in support for Windows Biometric Framework.
3. CPU Virtualization Virtual Secure Mode
A hacker can go deeper into your enterprise infrastructure once he or she has cracked your computer and found its credentials on the system, and that is why Microsoft have created their “Virtual Secure Mode” (VSM). It uses the CPU of the computer to create a CPU virtualization that protects key aspects of your PC, which includes your credentials (aka tokens) and data.
4. The Edge Web Browser
Internet Explorer is not going away, but another Microsoft web browser is edging its way in. Microsoft Edge was created to fight off the most sophisticated online attacks, and it has a security feature that reduces extension support.
As you may know, web browsers such as Chrome, Firefox, etc, are prone to attack via extensions. They are a good way to sneak onto a system. Edge will no longer support the extensions VB Script, VML, Toolbars, ActiveX or BHOs.
There are many more security features within Edge, which includes an app controller sandbox.
5. Secure Boot
The Secure Boot system was also a part of Windows 8, but most companies shipped their devices with Secure Boot off, so it didn’t get the recognition it deserves. It works a little like Device Guard in that it only allows trusted executables to run on your devices. It thwarts the hackers that try to inject low-level malware such as rootkits.
Speaking of executables, the Windows store is offering trusted apps. The Microsoft store acts like Google Play or the Apple App store, in that apps are checked by admins before they are placed on the system, which should help improve the security of Windows users that want to download apps.
10 Security Reasons to Upgrade to Windows 10 on video below:
The opinions and views of the authors do not always coincide with the point of view malwarelist.net editors. You can leave your opinion in the comments below.
David Munro is the Joint Owner of Abica, a Glasgow based, business telecoms & IT provider.