At the Microsoft Ignite conference in Atlanta the tech giant showcased the new security features in Windows 10 that will help secure firms.
Ann Johnson, VP of Microsoft’s advanced cybersecurity group, demoed Windows Defender Application Guard at the event.
Microsoft has demoed how Windows 10 can protect firms against attacks that can go undetected in Windows 7.
The firm demonstrated security features exclusive to Windows 10 at its Microsoft Ignite conference in Atlanta today – using the event to demo a new safeguard that will be added to Windows 10’s Edge browser next year.
Yusuf Mehdi, Microsoft’s corporate VP of the Windows and devices group, took to the stage to announce Windows Defender Application Guard, which will add container-based isolation to the Edge browser.
“One of the biggest attack vectors over the last decade has been the browser,” he said.
More about Innovation
- When your driverless car crashes, who will be responsible? The answer remains unclear
- GE makes $1.4B bet on 3D printing, acquires two firms to boost additive manufacturing
- IoT helping Tassie oyster farmers avoid unnecessary closures
- Subscribe to TechRepublic’s Next Big Thing newsletter.
“There have been a lot of software-based sandboxes to help protect the browser, but they still provide a pathway for malware and vulnerability exploits.
“I’d like to introduce Windows Defender Application Guard. This will make Microsoft Edge the most secure browser for the enterprise.”
Application Guard will ensure that when Edge accesses a website not designated as trusted, the browser will be launched inside a container, a virtualized environment isolated from the rest of the Windows OS.
If the site tries to download and run malicious code on the device, that code remains within the container, unable to permanently compromise the Windows device or the wider network, and disappears when the browser session shuts down.
Unlike the software-based sandboxes that are offered by other browsers, Microsoft says that Application Guard provides a hardware-based container, which Mehdi says offers greater protection to the device.
Enterprise admins can configure a list of trusted sites under a group policy and distribute that policy to any Windows 10 devices they wish to protect using Application Guard.
Ann Johnson, VP of Microsoft’s advanced cybersecurity group, demonstrated how Application Guard worked in practice.
In the demo, Johnson showed how a malicious site was able to redirect Internet Explorer to a malicious website that downloaded malware, which then disabled Windows 7’s firewall and other security settings, as shown below.
When the same site was visited using Edge with Windows Defender Application Guard, the operating system’s security settings were unaffected.
“Your user session was protected and when I close this browser session the malicious content, the attack, the entire session disappears, so there’s nothing left behind on the user’s machine,” said Johnson.
The cost of this security is some additional inconvenience for the user, as they won’t be able to take advantage of the ability for every site and service to remembers their log-in details, since cookies and cached data are destroyed at the end of every session.
Application Guard should be made available to Windows Insider testers in the near future, with the release of early Redstone 2 builds for Windows 10. After a period of testing, select users of the Enterprise edition of Windows 10 will be given access to Application Guard early next year.
However, in general Microsoft faces an uphill battle in selling Edge to users, with only a small proportion of those running Windows 10 using Edge to browse the web.
Johnson again chose to pitch Windows 10 against Windows 7 to demonstrate another feature in Microsoft’s latest OS, Credential Guard.
Credential Guard is a feature in Windows 10 Enterprise edition and Windows Server 2016 that offers additional security for login details by storing derived credentials — NTLM hashes and Kerberos tickets and the process that manages them — in a secured isolated container that uses Hyper-V and virtualization-based security.
In the demo, Knight showed how an attacker who had gained access to a corporate Windows 7 PC could go on to steal all the credentials on that machine.
In contrast, when the same attack was attempted on the Windows 10 machine with Credential Guard, the other credentials were inaccessible.
Windows 7 is on the left and Windows 10 with Credential Guard on the right.
“It’s completely transparent to your end users. So you don’t have to rely upon your end users to do anything to get this protection,” said Johnson.
Microsoft also used Ignite to highlight that the number of computers running Windows 10 continues to rise, despite the end of the free upgrade to the OS.
Windows 10 is running on 400 million devices, said Mehdi, up from 300 million in May and just over 200 million in March.
Windows 10 adoption rate is “150 percent faster” than that for Windows 7, he added.
As an example of a major rollout of Windows 10, Mehdi cited the US Department of Defence, which plans to rollout the OS to four million devices by next year.
Despite the continued growth, Microsoft has already admitted that it won’t hit its target of one billion devices running Windows 10 by summer 2018.
The Microsoft device figures relate to the number of devices running the OS within the past 28 days.
That’s not just PCs but also phones, tablets, Xbox consoles, HoloLens headsets and Surface Hubs.