Microsoft may have made a huge jump in improving Windows 10 security

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up

PCHF IT Feeds

PCHF Tech News
PCHF Bot
Jan 10, 2015
52,091
26
pchelpforum.net
Microsoft has revealed a significant step forward in helping secure both past future builds of its Windows 10 software.

The company has revealed its new Kernel Data Protection (KDP) feature, which is able to block attackers and malicious software from gaining access to, and corrupting, data within the operating system's memory.

Microsoft hopes that the new service can lessen the attack vectors within Windows 10, which has often proved a popular target for hackers and cybercriminals.

Windows 10 security


Microsoft says the launch of KDP was motivated by a recent shift away from memory corruption attacks towards those targeting data corruption. Data corruption attacks can target system security policy, allow escalated privileges, and let attackers tamper with security detection levels - putting millions of devices at risk.

This includes recent threats where attackers use signed but vulnerable drivers to attack policy data structures and install a malicious, unsigned driver.

KDP will look to offer extra security by granting developers access to programmatic APIs, allowing them to designate parts of the Windows kernel as read-only sections, meaning they cannot be tampered with.

"The concept of protecting kernel memory as read-only has valuable applications for the Windows kernel, inbox components, security products, and even third-party drivers like anti-cheat and digital rights management (DRM) software," the Microsoft Base Kernel Team wrote in a blog post.

"KDP mitigates such attacks by ensuring that policy data structures cannot be tampered with."

Microsoft also says that KDP can help bring performance improvements, freeing up attestation components from constant checking and verifying of write-protected data variables, as well as boosting reliability, as the service makes it easier to diagnose memory corruption bugs that don’t necessarily represent security vulnerabilities.

Such technology should also incentivise driver developers and vendors to improve compatibility with virtualization-based security, improving adoption of these technologies and hopefully leading to security boosts across the industry ecosystem as a whole.

KDP technology is available to access now, with any computer that supports Intel, AMD or ARM virtualization extensions able to benefit. If you have a secured-core PC, such features are also already on offer, and enabled by default.


Via ZDNet

Continue reading...