Microsoft Reveals How It Made Windows 10 “the Most Secure Windows Ever”

[frogboy]

Windows 10 Anniversary Update offers best security, it says

Microsoft improved security features in Windows 10 Anniversary Update, and this helped the company achieve what it describes as “the most secure Windows ever,” as not only that it fights against malware, but it can also prevent, detect, and remove ransomware.

In a blog post today, the company explains that it focused specifically on these steps in order to bolster security in the case of ransomware, so Windows 10 Anniversary Update fights against threats even before they reach your computer.

For example, Adobe Flash Player, which is one of the software solutions that are most often attacked by cybercriminals, runs in Microsoft Edge in an isolated container, which means that any successful exploit using one of its vulnerabilities cannot be expanded to system level. Furthermore, Microsoft locked the browser, so an exploit running in Edge cannot execute another program on your system.

Additionally, Windows 10 Anniversary Update fights ransomware with email protection using machine learning models and heuristics to detect links and email file attachments distributing infected files.

And last but not least, machine learning is obviously playing a key role in prevention, with Microsoft saying that it’s investing massively in identifying and blocking malware more quickly.

Windows Defender comes built-in
As far as the detection phase is concerned, it all comes down to Windows Defender, which itself integrates improved features, such as cloud protection and automatic sample submission.

If a system is infected, Microsoft says that Windows Defender Advanced Threat Protection (ATP) will come to the rescue by alerting security teams about breaches, providing security events information and cloud analytics.

Read More. Microsoft Reveals How It Made Windows 10 “the Most Secure Windows Ever”

 

[XhenEd]

Even though it's not specifically mentioned, I wish this does not only apply to Windows 10 Enterprise because some catchy names of MS technologies only apply to that OS version.

 

[jamescv7]

@XhenEd: Yeah, well a green light for sure where techniques mentioned for Windows Defender are already available on all versions.

AFAIK the policy editor is only available for Pro and Enterprise but not properly announced that will be not available to Single Language; hence users are trying to solve where the tool is not present on the system.

 

[Wave]

Microsoft improved security features in Windows 10 Anniversary Update, and this helped the company achieve what it describes as “the most secure Windows ever,” as not only that it fights against malware, but it can also prevent, detect, and remove ransomware.

Yes, I am sure they will love this sort of promotion in the news, everyone should go and download Windows 10 Anniversary Update right now, because it will make us as "secure" as ever - no malware authors will be able to touch us. Not only does it fight against malware better than ever, but it also prevents, detects and removes ransomware (which is a type of malware but I will say this additional part just to social engineer the reader a bit more).

For example, Adobe Flash Player, which is one of the software solutions that are most often attacked by cybercriminals, runs in Microsoft Edge in an isolated container, which means that any successful exploit using one of its vulnerabilities cannot be expanded to system level. Furthermore, Microsoft locked the browser, so an exploit running in Edge cannot execute another program on your system.

Basically what they are trying to say is that Microsoft Edge is now bullet-proof to exploitation because any exploits will fail due to the browser becoming locked and the isolated container. No, that is not how it works... The purpose of an exploit is to use a weakness in a system as an advantage, and therefore someone out there will be able to find a weakness in the isolated container/browser locking and will be able to use this as an advantage to do something which is typically involving malicious intent (exploit this vulnerability).

Sorry but this article is really ridiculous and is just trying to give the Anniversary Update a good promotion in the media.

 

[AtlBo]

No mention of memory mitigations in W10 frogboy. I think there are some standard memory mitigations in place in Windows 10 too. I don't think I can stand another MS blog post, so apologies that I didn't read it this time. Maybe it's in the post.

Not to bad mouth what is apparently MS' most secure OS yet. However, I have concerns. For example, maybe it's a strength now that MS pays attention to only 10 (or will be in the future), but what about long term? The OS is a sitting duck long term. That MS provides it and can update it and adjust to dangers is a plus, yes, but every hacker is working on one thing...solving the W10 security structure. With users using a broad variety of security products, this task is much more difficult to achieve.

For me, if someone wants to go with MS security, the best news is that security add ons are still available. You can still add to the built in protections with sandboxing or anti-keylogging or a firewall upgrade, etc. I guess it will be interesting to see what comes from the security companies in response to the more aggressive security measures in W10. What will they come up with to beat the native setup? Another interesting topic, will users use Edge browser?