DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 18, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 177 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Microsoft: Anniversary Update made Windows 10 a lot safer

Posted on Monday, January 16 2017 @ 14:34:31 CET by


MS logo
Microsoft security researchers boast that the rollout of last summer's Anniversary Update made Windows 10 safer than ever as the major update included Windows Defender improvements as well as several mitigation techniques to thwart zero-day exploits. The team points out that while fixing a single-point vulnerability helps neutralize a specific bug, the use of more and more mitigation techniques can help to kill a broader number of potential exploits.

Among other things, the Anniversary Update put font-parsing code in isolated containers and contained new validation for font file parsing to prevent attackers from being able to use font bugs for privilege escalation.

Months later Microsoft's security researchers discovered this font bug mitigation technique safeguarded Windows 10 against a previously unknown exploit that was abused by a South Korean hacking group in small but targeted attacks in South Korea.
Redmond's security team tested its exploit mitigations against two kernel-level then zero-day exploits (CVE-2016-7255, CVE-2016-7256) used by active hacking groups that offer privilege escalation.

They find, in a technical analysis designed to stress test the resilience of Windows 10, that the bugs were neutered on Anniversary Update machines even before it issued the respective November patch thanks to the exploit mitigation controls.

"Because it takes time to hunt for vulnerabilities and it is virtually impossible to find all of them, such security enhancements can be critical in preventing attacks based on zero-day exploits," the team says.
Via: The Register



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba