Security in Windows 10 has been a hot topic recently. Microsoft has said from the launch of the platform that security is a focus and maintaining user privacy is hugely important. To further its commitment, the company's researchers have found that Windows 10 blocked two zero day exploits with the need for patches.
Specifically, the Windows 10 Anniversary Update proved capable of dealing with this exploits. While testing Windows 10 and Microsoft Edge exploit-mitigations, researchers found the platform was dealing with the exploit.
Microsoft's Windows Defender team used two known exploits to test Windows 10. One was the CVE-2016-7255 zero day which targeted various companies in the US during October, 2016. It was launched by the STRONTIUM attack group and was a spear-phishing campaign that targeted small organizations. The second exploit is CVE-2016-7256 was running in South Korea during November, 2016.
These are two kernel-level exploits that were patched during November. However, Microsoft says systems running the Anniversary Update would not have been compromised. Needless to say, systems running older Windows versions would have been vulnerable.
It is worth mentioning that mitigations like AppContainer sandboxing dealt with exploits using known techniques. Of course, zero day's using new techniques could still present problems for the Anniversary Update.
“We saw how exploit mitigation techniques in Windows 10 Anniversary Update, which was released months before these zero-day attacks, managed to neutralize not only the specific exploits but also their exploit methods,” Microsoft describes in a blog post. “As a result, these mitigation techniques are significantly reducing attack surfaces that would have been available to future zero-day exploits.”
“By delivering these mitigation techniques, we are increasing the cost of exploit development, forcing attackers to find ways around new defense layers. Even the simple tactical mitigation against popular RW primitives forces the exploit authors to spend more time and resources in finding new attack routes.”
Windows 10 Security
Windows 10 Anniversary Update was released for PCs in August, 2016. The feature upgrade was rolled out gradually over the next months. It is on a vast majority of Windows 10 machines.
Microsoft's security for Windows 10 has been in the spotlight over the last week. The company won cautious praise from the Electronic Frontier Foundation (EFF) because the company decided to cut the amount of diagnostic data Windows 10 gathers.
Also last week, Microsoft spoke about an affirmation of commitment to its user privacy in Windows 10. To highlight the commitment, the company debuted a new Privacy Dashboard and enhanced security settings for upgrading. Finally, Microsoft also agreed to make concessions in the platform to avoid court action from a Swiss-based watchdog.