Windows 10 Anniversary Update crushed exploits without need of patches

Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever. The August updates brought in a series of operating system security improvements including boosts to Windows Defender and use of AppContainer, designed to raise the difficulty of having zero day exploits execute on patched systems …

  1. Trevor_Pott Gold badge

    That move sparked the ire of Carnegie Mellon University CERT boffin Will Dormann who says the toolkit significantly improved the exploit mitigation chops of Windows 10 and should be maintained, not dropped.

    Maintaining the enhanced mitigation toolkit requires money, and doesn't directly contribute to the short term quarterly goals of Endpoint Antichrist. Nor does it help to push everyone onto Windows 10, some sort of subscription or provide any additional lock-in. The only purpose it serves is to make things better for customers.

    Endpoint Antichrist hasn't given any fucks about customers thus far, I am unsure why anyone would think he'd start now. Or at any point in the future.

    I am, however, impressed by the engineers and/or marketdroids who convinced Endpoint Antichrist to allow resources to be spent on Windows-internal security mitigation technologies. That must have been a truly fantastic conversation. To convince him to release even a bent copper for use on something that threatened to benefit customers...hats off to 'em!

    1. Dan 55 Silver badge

      I'd like to see the same test done on Windows 7, to see how much protection with EMET is a hangover from the previous regime and how much is actually new.

      1. Anonymous Coward

        I'd like to see the same test done on Windows 7, to see how much protection with EMET is a hangover from the previous regime and how much is actually new.

        Why stop at 7, why not step back to NT4. Of course that is part of the thing isn't it, this is all shiny and possible now that we have the gift of Windows 10. Like a jelly club, every month we are gifted with a wonderful surprise (of course we paid in advance for this gift).

        Did it remove the malware/spyware built into Windows 10 itself? Doubt it.

        I like this, don't lose focus!

        1. g e

          Bah

          It certainly hasn't stopped MickeySoft from advertising Edge or whatever they call their browser while I'm using Chrome. "Edge has 30% better power usage than Chrome", etc. Actually it has 100% better power usage as I don't use it.

          Is that breaking some anti-compete ruling?

    2. The Man Who Fell To Earth Silver badge
      FAIL

      Yes, but

      Did it remove the malware/spyware built into Windows 10 itself? Doubt it.

  2. Anonymous Coward

    Hurray - we're getting the basics in, 2 decades late

    Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever.

    Let me strip the marketing hype from that and translate it: it means it *may* finally have the defences by default that Windows should have had from the start without needing an extra shell of anti-virus added (which was never made by Microsoft, I should add - probably just as well because nobody would trust it).

    The "without the need for patches" in the title is somewhat misleading, seeing that an "Update", with or without the "Anniversary" tag is basically a patch, defined as "something we didn't get right first time" or "something we cocked up and needed to fix" but I assume the intention was to imply that this "update" (It Doesn't Need A Capital Letter In My Opinion) would provide enough cover to make the next few patch Tuesdays less bandwidth hogging affairs.

    Well, I believe it when I see it. There's quite a lot of track record out there suggesting that hype never quite equals reality, even with Trump taking office soon.

    1. Ragarath

      Re: Hurray - we're getting the basics in, 2 decades late

      They find, in a technical analysis designed to stress test the resilience of Windows 10, that the bugs were neutered on Anniversary Update machines even before it issued the respective November patch thanks to the exploit mitigation controls.

      They did not say before the update, they said the Anniversary edition of Windows 10 was able to stop the exploit before the exploit had been patched. Not that the Anniversary edition was not a "patch."

  3. Anonymous South African Coward Bronze badge

    format c:

    best protection there ever is

    alternatively

    switch the computer/laptop OFF, this way it will never, ever be breached or made vulnerable.

    1. Ragarath

      Won't let me do that. It says C: is in use.

      1. Anonymous Coward

        On the plus side, at least you tried. It's a positive first step :)

      2. Carl D
        Joke

        "Won't let me do that. It says C: is in use."

        What? You mean we STILL can't do this after all these years? /sarcasm.

        Years ago, on the old Annoyances.org forums we used to get a lot of questions from people who asked things like "Why can't I format C:?" (while they were running Windows).

        About a year before Vista was released, someone started a Wish List For Vista thread and one poster jokingly said "The ability to format C: while Windows is running".

        1. Anonymous Coward

          I'm shocked at you primitive people

          One physical disk = one OS. No fancy partitioning shenanigans.

          Data storage = another one or more physical disks.

          Then dual/multi boot the OS of your choice at startup.

          Store them all in a big, beautiful tower rack.

  4. Hans 1

    Windows is the lowest form of Desktop Experience available

    Stepson decided he wanted a new Windows 7 installation. I handed him a USB stick with Windows 7 on it ... after making sure he had backed up what he needed ... he installed it, I came to check ... go get avast, Security Essentials or whatever it is called, is Essentially useless! He got avast and off I went ... 5 minutes later, computer had malware ... why? He entered mozilla into Bing and clicked on the first link, an ad, because he never uses Bing he did not notice it was an ad ... and installed that ...

    So, basically, Bing makes money linking to malware! IANAL, but should there not be something, there, to sue? 123telecharegement is the website where they inject crap into the installer ...

    PS: I do not know if he installed mozilla before or after avast ...

    1. David Neil

      Re: Windows is the lowest form of Desktop Experience available

      So he clicked the first link he saw and this is someone else's fault?

    2. Anonymous Blowhard

      Re: Windows is the lowest form of Desktop Experience available

      "So, basically, Bing makes money linking to malware!"

      You could use the same argument against any airline that has unwittingly carried a drug mule to say "So, basically, [insert airline] makes money by smuggling drugs!".

      Next time, use some quality time with your stepson to install Firefox for him and, while you're at it, install NoScript and give a little education on safe surfing.

    3. Boothy

      Re: Windows is the lowest form of Desktop Experience available

      Hmm, I call bull

      Open new tab to bing.com

      Enter mozilla and hit return..

      First result, taking up most of the page is 'Mozilla - Official site', https://www.mozilla.org

      At least it was for me. (But I also have uBlock Origin installed, which is one of the first things I add to any new Windows install, so your search results may differ!)

      1. 1Rafayal

        Re: Windows is the lowest form of Desktop Experience available

        if the installation was slipstreamed, there is no telling what "features" some helpful little teenager has put in...

      2. Anonymous Coward

        Re: Windows is the lowest form of Desktop Experience available

        In the UK, we get (well I do) a full page ad for Microsoft Edge, when I type in "mozilla" into bing.com.

        Not sure what's worse, the malware link (got that as the second top, Mozilla Official was top link) or the MS Edge ad, forcing you to scroll down to see the actual link for mozilla. It's a full on, in your face advert, it's not subtle.

        ....

        Microsoft Edge is the recommended browser for Windows 10

        Ad by Microsoft · microsoft.com/microsoft-edge

        Get up to 69% more battery life than Firefox when streaming video with Microsoft Edge.

        The malware link does mention "free download" though, which could catch/attract some:

        "Mozilla Firefox - latest version 2017 free download"

        1. 1Rafayal

          Re: Windows is the lowest form of Desktop Experience available

          I just did this on Windows 10 with Edge.

          The first link you get is for Mozilla, not an advert.

          The problem isn't to do with Bing or Edge, if you are seeing loads of crap ads then it means you have something on your machine that shouldn't be there.

          1. Cpt Blue Bear

            Re: Windows is the lowest form of Desktop Experience available

            "I just did this on Windows 10 with Edge.

            The first link you get is for Mozilla, not an advert."

            I just tried this too and the aus.easydownload.net ad is first. Do you have an ad blocker installed by any chance? Or did you mistake the ad for the Mozilla link like so many others? Please check the URL (green line).

            Where I don't get the ad first is Firefox with uBlock enabled - turn off uBlock and the ad appears at the top.

      3. Cpt Blue Bear

        Re: Windows is the lowest form of Desktop Experience available

        "Hmm, I call bull"

        I can vouch for this one being true 'cause it nearly caught The Girlfriend's Aunt last week.

        Tried it just now and if I use Firefox (with Ublock and a bunch of other get-out-of-my-face type plugins) I get the same result as you. But if I use IE11 then my first result is "Mozilla Firefox 2017 Free - DownIoad Mozilla Firefox Free!" with "Mozilla - Official Site" second. WTF? Tried it with Chrome (with ABP) and I get the dodgy ad at the top as well.

        But I don't see an ad for Edge on any of them. Curious.

  5. g00se

    'Own AV' vs. The Rest

    The August updates brought in a series of operating system security improvements including boosts to Windows Defender and use of AppContainer, designed to raise the difficulty of having zero day exploits execute on patched systems.

    Does this affect the current ranking of Defender versus other offerings? And just how good is sticking with Windows' own anyway? (Genuine question)

    1. Boothy

      Re: 'Own AV' vs. The Rest

      Personally, I'd move on from Defender on the first boot of any new install.

      Also bear in mind, these OS changes enhance the security of Windows, irrespective of the AV in use, so still better to use something more capable than Defender anyway.

      I think even MS stated Defender was basically intended as a bare bones minimum, for those who simply haven't bothered to install a 3rd party option, or don't understand that AV is needed, and to provide minimal protection when first going on-line etc. (i.e. before a user has downloaded and installed a 3rd party AV).

      If you look on av-test.org (at their home AV listings) Defender currently comes joint bottom for Protection (along with Comodo), and the same can be seen on other sites.

      Even if you don't want to spend money, the free versions of Avast and Bitdefender give the highest (along with other products) protection ratings, much better than Defender. (AVG doesn't score as high, but is another popular free AV).

      I switched from Avast to Bitdefender a while back, as Avast was getting more and more annoying with various pop up notifications that were not important, and couldn't be removed, whereas Bitdefender is focused on minimal intervention (ideal for non-techie friends and family).

      1. g00se
        Thumb Up

        Re: 'Own AV' vs. The Rest

        Thanks for that

  6. bolac

    Why is font rendering in the kernel in the first place?

    Every other system has this in a sandbox all along. This kind of sandbox is called a “process”.

    1. cambsukguy

      Re: Why is font rendering in the kernel in the first place?

      My guess would be performance - it usually is with kernel stuff.

      Font rendering is used continuously, for almost everything. Having a separate process to perform tasks for every other process would need massive amounts of inter process communications.

      The kernel is there, always available, always fast - I can see the attraction.

      And, from what I read about Linux, more than ever seems to be going into that kernel too.

      1. bombastic bob Silver badge
        Devil

        Re: Why is font rendering in the kernel in the first place?

        "And, from what I read about Linux, more than ever seems to be going into that kernel too."

        no, just systemd and wayland. I'm sticking with FreeBSD.

        As for M-shaft "getting it right this time" - a stopped clock is right TWICE a DAY, right?

        1. mosw

          Re: Why is font rendering in the kernel in the first place?

          "a stopped clock is right TWICE a DAY"

          Not if it stopped during a leap second.

        2. MJB7

          Re: Why is font rendering in the kernel in the first place?

          >> And, from what I read about Linux, more than ever seems to be going into that kernel too.

          > no, just systemd and wayland. I'm sticking with FreeBSD.

          FreeBSD is not Linux - it's an entirely separate operating system (although they are both Posix compatible).

    2. Dan 55 Silver badge

      Re: Why is font rendering in the kernel in the first place?

      MS decided that with the release for Windows NT 4.0 faster graphics on a server OS would be a great thing, so they stuck the GDI in the kernel and ever since then we've had the blue screens we know and love.

      It's 20 years later and I doubt they know how to unpick it and take the GDI back out into userspace.

      1. Richard 12 Silver badge

        Re: Why is font rendering in the kernel in the first place?

        Because speed.

        And to be fair, it was almost certainly the right decision at the time.

  7. Anonymous Coward

    harmless blue screen of death

    Harmless eh?

    Tell that to the user that just lost their last few hours of work.

  8. Anonymous Coward
    IT Angle

    Windows 10 Anniversary non-patch patch ..

    So, the patches were included in the 'Windows 10 Anniversary Update'. What was the point of that article?

  9. eJ2095

    Ha i see

    They rebadged the mega patch to anniversary..

    is this just not a service pack....

    Sod it switching back to 0s2....

    1. alisonken1

      It's no longer O/S2

      It's been changed to eComStation (eCS/2) years ago when IBM orphaned it.

      http://www.ecomstation.com/

      (edit: spelling and added link)

    2. Roland6 Silver badge

      Re: Ha i see

      >Sod it switching back to 0s2....

      What you've still got install media for Win3.x applications and a device capable of reading it?

      Actually looking at the list of current software and applications available, both natively (eg. OpenOffice) and via add-ons like Odin (W95/NT Win32 API Library) and XFree86/2 (Unix) there is much going for OS/2 - probably more so than for ReactOS... So whilst eComStation costs, I suspect it could replace Windows on many desktops...

  10. jason 7

    All I want to know is...

    and for Christ's sake I'm having a hard time with it.

    Is to know how the EMET tool is replaced in Windows 10 and how do I manually adjust the dozen or so mitigation technologies it contains for every application on the machine?

    Currently EMET lets me know in a simple window what is covered and how.

    Windows 10 just tells me I can allow the default of DEP for EDGE/IE or manually set it to everything.

    That's not really good enough. If MS design Windows 10 so I can adjust all the settings as per EMET then they can lapse EMET just fine.

    If not just leave it or add it to Windows 10 as standard.

  11. Gotno iShit Wantno iShit
    Meh

    Belt & braces

    Where does this leave the whitehats I wonder. While it is good to see mitigations that prevent exploitation of vulnerabilities it is better to find and eliminate vulnerabilities anyway. Can a whitehat disable these mitigations, go bug hunting and then report (for reward) their findings?

    If Microsoft are going to reject or downgrade reports of underlying bugs that are mitigated then the bugs will go unfound. Sooner or later they'll get used in a chained exploit. If that is the case these new mitigation techniques truly are a sticking plaster over untreated wounds.

    1. Richard 12 Silver badge

      Re: Belt & braces

      The problem with that is people will be advised to turn these features off for every odd thing Windows does, and for every issue anyone encounters.

      If you look through past Windows forums you'll see people recommending changing practically every setting throughout the Registry and beyond to "fix" all kinds of totally unrelated issues.

      And then some idiot will go and put the "turn it off" option into their (privileged) installer...

  12. Stoke the atom furnaces

    Why?

    Microsoft Windows was originally launched in November 1985.

    You have to wonder why after 30+ years it still has vulnerabilities that need patching.

    1. bombastic bob Silver badge
      Trollface

      Re: Why?

      "You have to wonder why after 30+ years it still has vulnerabilities that need patching."

      explained in Arthur C. Clarke's "Superiority" I'd think...

      Also, you have to have "new, shiny" and "the next generation doing it THEIR way, this time!"

      Couple that with market-hype, 'feel' instead of 'think', and "trying to take over the world", and you end up with the CLUSTER-BLANK known as Win-10-nic!

  13. MNGrrrl
    Trollface

    Google translate for Marketspeak says...

    "Microsoft says its Windows 10 Anniversary Update squashes more exploit delivery chains than ever."

    Translation: Windows 10 had more exploit delivery chains than ever.

  14. ZootCadillac
    Coat

    Wait...

    Did El Reg just publish something positive about Windows 10? What next, a country that gets behind brexit and admits that Apple products are overpriced shiny shit?

    I'll get my coat.

  15. Rogier van Vlissingen

    To be sure, Win10 Anniversary Upgrade crushed one big bug, me! After working for a year under Win 10 on my trusty HP Elite 8200 CMT with Quad i5-2500 and 16 Gb memory, and an ATI Radeon HD 5450 video card, the Anniversary Update brought the machine to its knees, and first, the video started giving trouble, then the webcam, then the printer, and finally someone on the AMD forum acknowledged that the drivers for Win10 were failing under the Anniversary Upgrade... For one brief moment, I thought of buying a new machine, but this machine has been a reliable workhorse and is plenty fast for day-to-day work. In short, after 25 years of saying that my next machine will run Linux, and periodically having at least dual-boot machines (though not this one), I finally decided that it was time to switch to Linux, specifically Linux Mint 18.1 Serena, and it's working like a charm. Since 2000 first Open Office and then LibreOffice had already become my main office suite, so the culture shock was not too great.

    The only way Windows is coming back for me may be as a VM, on my next killer Linux machine, which will have all the memory it needs to do that. But I don't like to have dual boot for an OS I need to use once or twice a year.
