X
    Categories: Tech

Microsoft solves Zero-Day exploits with the creators update

Microsoft’s outage follows last week’s AWS blackout that left a substantial part of the Internet without media to display. Image Source> The USB Port

Last Thursday, Microsoft started rolling out the Windows 10 Build 15007 for subscribers to the Insider program. The update provides a first look of Windows 10’s enhanced security through the renamed Windows Defender Security Center.

Build 15007 follows Build 15002 just a couple of days after Microsoft released it. The OS versions are previews of the upcoming Windows 10 Creators Update, expected to launch fully in April.

Other than the improvements to the security system of Windows 10, Microsoft is showing off some changes coming to Cortana, the Edge browser, Windows Hello, and more.

Windows 10 can deal with zero-day exploits without patching

Zero Day Vulnerabilities Timeline. Image: Wordfence.

The Microsoft Malware Protection Center team said in a blog post last Friday that Windows 10 can easily neutralize zero-day exploits before developers even release a patch for it. Oh, and it can do so since the Anniversary Update.

The security experts from Microsoft took two infamous zero-day exploits as case studies: CVE-2016-7255 and CVE-2016-7256. Both strings of malware granted hackers with elevated privileges on the host system.

One of them, CVE-22016-7255, was even used by the Russian group Fancy Bear (or STRONTIUM) to target prominent U.S. organizations and officials back in October, Microsoft reports.

Zero-day exploits are orchestrated maneuvers that manage to take advantage of a vulnerability discovered in a site or a system the same day of the discovery, hence the “zero-day” tag. The attack happens on a timeframe no longer than one day.

As it turns out, Windows 10 running on the Anniversary Update was not only capable of detecting these malicious activities but also quarantined and outright neutralized them before they became a serious threat.

What is more remarkable is that, given the nature of zero-day exploits, hackers using them get away with them most of the time since they are in and out before Microsoft can issue a patch, days or weeks after the breach is detected.

Windows 10 Creators Update could get rid of third party anti-virus software

The bolstered security performance on Windows 10 will continue with the Creators Update upon launch, as Microsoft introduces enhanced features to its Windows Defender control room.

The main page of Windows Defender will become the Windows Defender Security Center to deal with malware, viruses, and other threats from a centralized dashboard.

Other improvements coming with the Creators Update include more user control over Firewall & Network Protection options, giving access to Windows 10 owners to more detailed settings of their computers.

As previously reported, direct access to Windows 10 and Windows 10 Mobile devices is also getting better with the update, which now quickens Windows Hello response when recognizing user faces, irises, and fingerprints.

Source: Microsoft

Rafael Fariñas:
Related Post