Microsoft recently revealed that their latest version of Windows 10 is immune to Ransomware.
They’ve also made updates to earlier versions of their OS to protect legacy users.
When the WannaCry Ransomware hit a while back, Microsoft took the unusual step of patching all its older operating systems. These patches included versions of Windows that had long been out of support. Though these measures were a bit unusual for Microsoft, they were taken as a way to limit any potential impact that the Ransomware may have on the infrastructures of hospitals, schools, and other locations that may still be running older operating systems.
One of the software giant’s operating systems did not require a patch: Windows 10. Now the company has revealed how their latest OS has been designed to resist Ransomware. While such inventiveness is always a race between hackers and OS creators, it is always nice to know how they work. That way, future developers can always get some insight on how future attacks can be prevented. Here is a short summary I have created about Windows 10’s advanced capabilities.
The Windows 10 Creators Update Protection.
Improvements to the Edge Browsers.
Windows says that its Edge browser has a high degree of protection. It opens pages in ‘container sandboxes’ that protects against malicious programs. Any downloads through the browser are run through a reputation checking service. Additionally, users are provided with the option of choosing whether they want to run Flash-based content. Microsoft views this as a great way to protect computers against Ransomware.
Not only does Windows Edge protect from malicious Ransomware, but it also works very well against malicious sites and phishing attempts. With more companies relying on the web to conduct business transactions, adding protection from phishing is an awesome move by Microsoft.
The purpose of flash control is to stop Ransomware infections that occur when a user visits a site that uses the ubiquitous Adobe software. The result is that Ransomware can no longer exploit weaknesses in Flash.
Another feature that Windows has included in their latest version of their OS is Device Guard. The Device Guard lets organization whitelist the software that can run on their devices, and this whitelist applies to plug-ins and add-ins as well.
The Device Guard technology uses hardware virtualization of the CPU to protect the computer from bad system files and drivers as well. However, to utilize this feature, you will need to have a CPU with virtualization capabilities. In short, this technology may not work on computers with older CPUs.
Advanced Threat Protection.
Another feature that Microsoft touted in their new version of Windows 10 is a post-bleach analysis service of Windows Defender Advanced Threat Protection. This will allow Windows 10 to better analyze any Ransomware that attacks a computer. The Windows Defender Advanced Threat Protection is sold separately for businesses. It is not the same as having Windows Defender antivirus.
The Windows 10 OS comes with an inbuilt antivirus that can block Ransomware automatically. This integral antivirus is fairly advanced, and includes the unique ability to use machine learning to block never-before-seen malware. Any suspicious files, whether new or unknown, will be kept safely away from your device. Other advanced technologies that are used with cloud-based technology are deep neural networks and fuzzy matching.
In this version of Windows 10, the anti-virus can suspend suspicious files from running and sync with other technologies on the cloud to inspect the file. Within seconds, the AV will be able to determine if the file is dangerous or not. The information is then stored to help others in the future. Thus, the ability of Windows 10 to defend against malware only grows as more attacks are directed to it.
What the Researchers Think.
When the version 1511 of Windows 10 was released, various organizations conducted studies on it to see if it was possible to use hacking code on it. The researchers said that the Version 1511 was the last potentially vulnerable version of Windows 10 for the use of leaked code in hacking. However, they did say there were still some potential workarounds to protect it. However, they also noted that there were no workarounds for protecting older versions of Windows.
What will This Mean for the User Experience?
The average PC user will probably not notice much difference. These are behind-the-scenes tweaks to the security rather than updates to the interface. If you are a business owner, it means you will not have to hold a session with your staff to make them understand how to use the new version of Windows.
If you have just begun using Windows 10 in your organization, the latest version of updates may not be much of a priority. You may want to wait for the next major rollout of Windows, which has been dubbed Redstone 3 and is slated to launch sometime later this year. Any organization that uses Windows via the Volume License Service Center has been able to receive this update since May 1st.
Windows Avails these Features Only in Its Latest Updates.
Microsoft has prepared a very thorough PDF to explain its latest protective measures against Ransomware. The document makes it quite clear that most of the features can only be accessed in its latest version.
You Are Only as Strong as Your Weakest Links
If you want to stay safe in your organization, you will need to stay safe at all levels of the network. You will need to conduct end-user security training for instance. That way, your employees do not unwittingly open the door wide open for the bad guys to begin playing around with your security. Be wary of social engineering, phishing, and other hacking methods that take advantage of the human element.