Microsoft Windows: What you need to know about what's coming next

Antus67

Level 9
Thread author
Verified
Well-known
Nov 3, 2019
413
Dual-screen devices running Windows 10X are just part of the new direction for Windows as Microsoft continues to modularise the OS.

Microsoft isn't calling Windows 10X (and the dual-screen Windows tablets it will power) a 're-imagining' of Windows the way it did with Windows RT and the first Surface tablet. Instead it's an 'evolution' of Windows 10 to cater for new dual-screen devices from Microsoft and OEMs like Dell and HP.

Windows 10X is far more restrictive than the ARM64 version of Windows 10, which is just Windows running on an Arm processor, although it can't (yet) run x64 apps. It's both more and less restrictive than Windows RT or Windows 10 S Mode. Unlike Windows RT, 10X can run most desktop Windows applications. Unlike Windows in S Mode, it's not limited to running applications from the Windows Store: you'll be able to install applications from the web or a USB stick, and code doesn't have to be signed -- but it does have to have a 'good reputation' (reputation will be based on Microsoft's Security Graph and will work much like Windows Defender Smart Screen).

But S Mode supports system tray apps like the OneNote desktop screen clipper, whereas Windows 10X doesn't allow those. Nor does it allow File Explorer add-ins or global keyboard shortcuts beyond the ones built into Windows. Not having startup tasks and blocking tools like registry cleaners will improve performance and stop it from degrading over time.

Windows 10X is designed for security and isolation, running all traditional Win32 apps in a container (actually a lightweight VM), separating the state of apps and drivers from the OS itself (with all the system files, registry keys and other data for an app written to an app data folder in the Win32 container rather than into the OS), and making the OS read-only. That speeds up updates, and means you don't need as much anti-malware scanning -- which again improves performance.


Windows 10X takes the Desktop Activity Moderation (DAM) of Windows 8 much further: DAM only kicked in when an Always On device was on, but the screen was off. Windows 10X will allocate more resources to apps running in the foreground, suspend background tasks including NT services, reduce resources allocated to Win32 and MSIX apps when their windows aren't visible on-screen and suspend them completely when their windows are minimised or closed. That's part of how Windows can drive a device with two screens (always power-hungry components) without draining the battery.

UWP apps already have better performance, battery life and security, but they haven't completely displaced Win32 desktop apps. Windows 10X is Microsoft's latest attempt to create a modern, mobile, more secure OS that will service a device you can carry around with you like an iPad that's also a PC that will run most -- but not all -- of your PC apps.

But the Windows Core OS (WCOS) work is much broader than Microsoft's latest approach to a tablet OS. OneCore is the common parts of Windows that go into Xbox and HoloLens as well as Windows, and that will build on WCOS.

WCOS is also about how Azure builds on Windows Server. There's an increasingly wide range of hardware available in Azure, from the FPGAs that power some networking and machine-learning services, to the GPU-powered VMs for data scientists, to 12TB 'beast' servers for running SAP HANA). Then there's the way OS server updates are done as hot patches with so little downtime that the Ethernet connection might not be interrupted. All this means that keeping Azure up to date is more complicated than just installing a new version of Windows Server. A more modular, fully composable and componentised operating system that decouples core features like the kernel and networking stack from other areas of the system makes those updates easier, but will also benefit many other systems built on Windows.

Microsoft previously announced a Surface Hub 2X upgrade for the Surface Hub 2S to let you rotate the screen and tile multiple Hubs to create a bigger display, by upgrading the CPU and GPU with a processor cartridge. However, according to a leaked webinar, adding tiling and rotation may not actually need a hardware upgrade after all. The same WCOS work that's enabling dual screens for Windows 10X might be enough to do the same for Surface Hub, but that won't be in the 2020 H1 update for Surface Hub, which focuses on deployment and management features for IT departments.

Windows 10X doesn't replace Windows 10 because it's specifically targeted as a mobile tablet OS for devices where security and battery life are priorities. But the WCOS developments underpinning Windows 10X will be going into future versions of Windows 10. Microsoft hasn't yet confirmed if these will be in the 2020 H2 version of Windows or, more likely, the 2021 H1 release. The company now officially talks about "a small fall update and a comprehensive spring update", which has a longer (30-month) enterprise support lifecycle. Major changes like this are more likely in spring updates.

The 2020 H1 update doesn't have a lot of major features, but brings a range of useful improvements: better Bluetooth pairing; using Windows Search to power the search box in File Explorer; passwordless sign in and the ability to use the Windows Hello PIN to sign in to Safe mode; the ability to reset Windows from the cloud rather than needing a local recovery partition; more useful network status information; seeing the GPU temperature in task manager; and making the option to restart apps you were running before you restarted Windows easier to find.

Windows 10X also supports Intel's upcoming CPUs, which mix large and small cores -- a combination that Arm has offered for some time -- to reduce power usage. Demanding software will use a large core, but less demanding apps can run on the small core. That's something we expect to see Windows 10 support as well.

Integrated scheduler, separate interface controls
The biggest new feature in 2020 H1 will be WSL 2, which relies on essentially the same Krypton containers as Docker on Windows or the Windows Sandbox to run the Linux kernel in a lightweight VM that shares resource management and scheduling with the Windows kernel. This improves both Linux performance and compatibility over the original WSL approach.

Having created similar lightweight Hyper-V systems for Docker, Windows Defender Application Guard (which has its own kernel) and the Windows Sandbox, the Hyper-V team decided to use the Host Compute Service API in Hyper-V as a platform to allow different Microsoft teams to create their own versions. These Krypton containers don't have their own copy of the kernel32 module (which is what exposes kernel services to the Win32 environment in Windows) or their own memory allocation and scheduler. They get a read-only version of the same Windows binaries that are already running, so you don't have to wait for an OS to start up. They direct map in the memory where kernel32 runs in the host, and get memory from the standard Windows memory manager. And their workloads are scheduled by the standard Windows scheduler, so it can freeze threads and suspend processes inside the VM.

That stops the VMs needing significant amounts of memory or slowing the system down, and the connection to the container (which uses the familiar Remote Desktop Protocol) is protected by Control Flow Guard to stop it being abused by an attacker.

SEE: Emerging technology: What tech pros need to know (TechRepublic Premium)

Microsoft hasn't confirmed whether Krypton is what's powering the Win32 containers on Windows 10X, with group program manager Andrew Clinick saying only that "the Win32 container is built using much of the same technology as WSL". But whether it's Krypton or another slight variation, that's how Microsoft is able to get the combination of performance and battery life, and it's certainly what's behind an increasing number of virtualised features in Windows that improve security while maintaining more compatibility than 10X is designed for.

Then there's the way WinUI 3 separates the Windows UI platform (which both Microsoft and third-party developers can use for both UWP and Win32 apps) from the shipping versions of Windows.

Previously the WinUI controls and APIs were part of the Windows SDK, which ships twice a year with the Semi Annual Channel releases of Windows and also includes changes to the app platform (like the model for how applications suspend, resume or run in the background). Now, new user interface controls will ship more often than Windows, in the same way that the new Chromium-based Edge browser ships every six weeks rather than only when Windows gets an update. That means that in-box applications like Mail and Calculator could also change their interface without a new version of Windows coming out, because the interface components are decoupled from the Windows version.

Some of these changes will also come to older versions of Windows because if developers choose, some WinUI apps can run in the new Edge browser using WebAssembly and the Uno Platform, on Windows 7 and 8, or even on the Mac. That's not going to change an app like Calculator on Windows 7 but it does give enterprises a strategy for taking advantage of new Windows options without excluding users on older versions of Windows. WinUI is even moving towards being open-source, so Xamarin, React Native and Flutter apps that run on Windows 10 and 10X will essentially be UWP applications.

As an OS that's been developed over nearly 30 years, Windows is a complex system and some of the internals still aren't completely documented, which complicates the ongoing work to improve isolation and modularisation. The much-misunderstood MinWin was actually part of the internal work to document the internals of Windows and refactor interfaces so that applications calling, for example, the audio stack didn't have to reach into kernel mode but could talk to a high-level API.

Windows 10X sacrifices a certain amount of compatibility for security and battery life, in particular doing away with system tray tools and system-wide, third-party keyboard shortcuts. But the WCOS work of separating more of Windows into components that can be put together in different ways is going to show up in many more places in 2020 and beyond.


Source: Microsoft Windows: What you need to know about what's coming next
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top