In-depth

Five security threats Windows 10 protects you against

Love it or hate it, Windows 10 is a pretty secure OS

Windows 10 has as many detractors as it does fans. However, there's one area where it does improve things without any doubt, and that's security.

Here are five security threats which Windows 10 protects your PC from...

Closing vulnerability exploit windows

Arguably, the single most important security feature in this, and any, version of Windows is nothing new. Windows Update first saw light of day back in Windows 95, and that was more than 20 years ago. It still does what it did then, deliver patches for the operating system, but now it does it better than it ever has before.

Both the Home and Pro editions bypass the WUAPP.exe application and instead gets the updates directly from the cloud-based catalog.update.microsoft.com servers. By allowing updates automatically and downloading them as soon as possible, the exploit window remains as short as possible between a vulnerability being disclosed and the system patched.

Bring Your Own Device dangers

Conditional Access, which replaced the old Network Access Protection (NAP) technology that limited network access until a computer was proven safe enough, brings a different focus. NAP checked system health by looking at such things as OS updates being installed, a firewall enabled and antivirus signatures being current.

Conditional Access is more concerned with Bring Your Own Device (BYOD) management. It still requires a health check, but it's a cloud-based thing working with mobile device management tools to ensure secure boot state and measured boot data are OK along with the system updates, etcetera. It does require UEFI firmware and a TPM chip in order to work, though.

Advanced Persistent Threats (APT)

The Device Guard feature of Windows 10 is actually a combination of hardware and software features that should make your PC more resilient when it comes to falling victim to an Advanced Persistent Threat (APT) attack.

Because it requires a mixture of hardware and software technologies along with the OS controls in order to work, watch out for PCs with the 'Device Guard Ready' label - these are the ones you want. The OS controls include UEFI firmware Secure Boot and Kernel Model Code Integrity (KMCI), User Mode Code Integrity (UMCI), and AppLocker. By using a locked down program execution model, only running programs from a trusted list, it makes the combination of social engineering and malware that APTs rely upon harder to pull off.

Code injection and Buffer overrun exploits

The way that Virtualisation Based Security (VBS) moves part of the OS kernel into a virtual machine under Windows 10, enforced through Hypervisor Code Integrity (HVCI), makes it much harder for operating system threats using buffer overruns or code injection to work successfully.

This is because controls that are often targeted by such things, including Kerberos tickets and NTLM hashes, will now exist outside the OS itself. Indeed, by isolating the Local Security Authority Subsystem Service (LSASS) and the kernel in this manner, code integrity can be determined outside of the OS, where it's much safer from the threat of kernel-level malware.

Internet Explorer exploits

Microsoft Edge isn't an update to Internet Explorer, it's a complete from-the-ground-up rewrite that doesn't use the old Win32 API. Instead it is a Universal Windows App (UWA) which means it can run inside the UWA container sandbox for added security.

This isn't to say it doesn't share some similarities with Internet Explorer (indeed, there are some, mainly on the design front, such as using a fork of the Trident layout engine, for example). But it does significantly reduce the attack surface of the browser. Edge does not provide backwards capability for existing extensions, nor does it support ActiveX controls or Browser Helper Objects; both much beloved by malware developers.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

How to factory reset Windows 10
operating systems

How to factory reset Windows 10

4 Mar 2020
8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
The Xbox Series X shows how far the cloud still has to go
Cloud

The Xbox Series X shows how far the cloud still has to go

25 Sep 2020