IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Five security threats Windows 10 protects you against

Love it or hate it, Windows 10 is a pretty secure OS

Windows 10 has as many detractors as it does fans. However, there's one area where it does improve things without any doubt, and that's security.

Here are five security threats which Windows 10 protects your PC from...

Closing vulnerability exploit windows

Arguably, the single most important security feature in this, and any, version of Windows is nothing new. Windows Update first saw light of day back in Windows 95, and that was more than 20 years ago. It still does what it did then, deliver patches for the operating system, but now it does it better than it ever has before.

Both the Home and Pro editions bypass the WUAPP.exe application and instead gets the updates directly from the cloud-based catalog.update.microsoft.com servers. By allowing updates automatically and downloading them as soon as possible, the exploit window remains as short as possible between a vulnerability being disclosed and the system patched.

Bring Your Own Device dangers

Conditional Access, which replaced the old Network Access Protection (NAP) technology that limited network access until a computer was proven safe enough, brings a different focus. NAP checked system health by looking at such things as OS updates being installed, a firewall enabled and antivirus signatures being current.

Conditional Access is more concerned with Bring Your Own Device (BYOD) management. It still requires a health check, but it's a cloud-based thing working with mobile device management tools to ensure secure boot state and measured boot data are OK along with the system updates, etcetera. It does require UEFI firmware and a TPM chip in order to work, though.

Advanced Persistent Threats (APT)

The Device Guard feature of Windows 10 is actually a combination of hardware and software features that should make your PC more resilient when it comes to falling victim to an Advanced Persistent Threat (APT) attack.

Because it requires a mixture of hardware and software technologies along with the OS controls in order to work, watch out for PCs with the 'Device Guard Ready' label - these are the ones you want. The OS controls include UEFI firmware Secure Boot and Kernel Model Code Integrity (KMCI), User Mode Code Integrity (UMCI), and AppLocker. By using a locked down program execution model, only running programs from a trusted list, it makes the combination of social engineering and malware that APTs rely upon harder to pull off.

Code injection and Buffer overrun exploits

The way that Virtualisation Based Security (VBS) moves part of the OS kernel into a virtual machine under Windows 10, enforced through Hypervisor Code Integrity (HVCI), makes it much harder for operating system threats using buffer overruns or code injection to work successfully.

This is because controls that are often targeted by such things, including Kerberos tickets and NTLM hashes, will now exist outside the OS itself. Indeed, by isolating the Local Security Authority Subsystem Service (LSASS) and the kernel in this manner, code integrity can be determined outside of the OS, where it's much safer from the threat of kernel-level malware.

Internet Explorer exploits

Microsoft Edge isn't an update to Internet Explorer, it's a complete from-the-ground-up rewrite that doesn't use the old Win32 API. Instead it is a Universal Windows App (UWA) which means it can run inside the UWA container sandbox for added security.

This isn't to say it doesn't share some similarities with Internet Explorer (indeed, there are some, mainly on the design front, such as using a fork of the Trident layout engine, for example). But it does significantly reduce the attack surface of the browser. Edge does not provide backwards capability for existing extensions, nor does it support ActiveX controls or Browser Helper Objects; both much beloved by malware developers.

Featured Resources

Join the 90% of enterprises accelerating to the cloud

Business transformation through digital modernisation

Free Download

Delivering on demand: Momentum builds toward flexible IT

A modern digital workplace strategy

Free download

Modernise the workforce experience

Actionable insights and an optimised experience for both IT and end users

Free Download

The digital workplace roadmap

A leader's guide to strategy and success

Free Download

Recommended

Command Prompt Windows 10: What is it and how does it work?
Microsoft Windows

Command Prompt Windows 10: What is it and how does it work?

1 Jul 2022
Windows vs Linux: what's the best operating system?
operating systems

Windows vs Linux: what's the best operating system?

22 Jun 2022
Best business laptops 2022: Acer, Asus, Dell and more
Laptops

Best business laptops 2022: Acer, Asus, Dell and more

13 Jun 2022
Microsoft Windows Defender review: An ideal (if unfriendly) business security solution
antivirus

Microsoft Windows Defender review: An ideal (if unfriendly) business security solution

1 Jun 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022