Windows 10 Anniversary Update Blocks Zero-Day Exploits Before Patches Are Even Deployed

Microsoft has often said that Windows 10 offers the best security features and malware protection of any Windows OS to date. In case anyone doubts that claim, the Redmond outfit explained how Windows 10 with the Anniversary Update installed was able to thwart a pair of potentially dangerous zero-day exploits months before it had released a patch that dealt with them directly.

The Anniversary Update that rolled out in August introduced a bunch of security upgrades to Windows 10, including improvements to Windows Defender. Many of the upgrades are intended to help Windows 10 identify and neutralize zero-day threats. That is no easy task, considering that new ones come out all the time, but recent tests run by Microsoft suggest that its efforts are paying off.

Windows 10

Microsoft took a pair of zero-day exploits that were patched in November 2016 and tested them against its Anniversary Update. The vulnerabilities, identified as CVE-2016-7255 and CVE-2016-7256, both result in elevation privileges. Starting with the former, an attack group that goes by the name STRONTIUM launched a spear-phishing campaign targeting think tanks and non-government organizations in the U.S.. It was used in tandem with an Adobe Flash Player vulnerability.

The second exploit manipulated a security hole in the Windows font library to elevate privileges and install a backdoor on affected systems. It was used in low-volume attacks primarily focused on systems in South Korea.

In Microsoft's tests, Windows 10 systems running just the Anniversary Update (and not the November 2016 patch) were able to outwit the zero-day attacks by using security features introduced in August. Older systems would have been compromised, but not ones running the Anniversary Update.

"We saw how exploit mitigation techniques in Windows 10 Anniversary Update, which was released months before these zero-day attacks, managed to neutralize not only the specific exploits but also their exploit methods. As a result, these mitigation techniques are significantly reducing attack surfaces that would have been available to future zero-day exploits," Microsoft concluded.

Microsoft is not just thumping its chest in celebration here. The point it is trying to make is that there are real advantages to running Windows 10 and keeping it updated. Looking ahead, Microsoft is prepping its Windows 10 Creators Update. While much of the talk up to this point has been focused on features for artists and creators, it will also enhance the security in Windows 10 even further. Microsoft said it will share more details about that at a later date.

Via:  Microsoft
Show comments blog comments powered by Disqus