Microsoft recently published an extensive post by Elia Florio and Matt Oh of its Windows Defender ATP research team. The post explains zero-day threats and how a countermeasure Microsoft put in place seems to have worked. The countermeasure is referred to as zero-day exploit mitigation and has been made part of the Windows 10 Anniversary Update.

In this most recent situation, the group Strontium was behind a series of attacks back in October using the CVE-2016-7255 vulnerability. The attacks were against targets from the US and used a combination of a Microsoft Windows 10 vulnerability and a Flash Player back door. The attackers tried to gain access and compromise sensitive information, but that didn't happen because the zero-day mitigation systems put in place by Microsoft stopped them from getting past the second phase. If you experienced a BSOD in that time period, this might have been the reason. However, a BSOD is the only damage the attackers were able to do to targets.

There is also an explanation of how Windows was able to fend off the threat: it seems that the mitigations Microsoft used rely on additional checking of length fields and on securing virtual address ranges so that they can't be used for RW (read/write) primitives. While a patch came later on, it's great to know that Windows 10 is able to protect users, which is Microsoft's message for those who feel like sitting ducks using its OS.
