Thursday, 21 February, 2019

Microsoft falls prey to Windows 10 source code theft

Sherri Watson | 28 June, 2017, 01:15

The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard.

Today, Microsoft announced the "next generation security" features coming in the Fall Creators Update, promising that they'll "make life harder for the bad guys".

New and updated security features are the biggest - and possibly only - reason that many business customers may be interested in this update.

By integrating the power of EMET along with new vulnerability mitigations, Exploit Guard includes prevention capabilities that help make vulnerabilities dramatically harder to exploit. The goal of this feature is to make the once-hard process of defining the rule set for attack mitigation, which required significant expertise and time to craft, easier to integrate into your environment. Some protections formerly provided by EMET had been built into the core operating system itself, and Windows 10 offered additional protections far beyond the scope of what EMET could do. Seeing as that deadline has come and gone, this security enhancement will be shipped with Redstone 3.

For those who are using Windows Defender Device Guard, this feature will now be integrated into Windows Defender ATP's response capabilities to improve the process of managing the safe application lists. This feature will protect your environment if a local user downloads malicious applications from the Internet or a zero-day exploit is encountered in the browser; WDAG is able to isolate the machine from the rest of the network and stop the malicious applications or intruders from reaching other areas of your infrastructure.

The update introduces a few new features.

Regarding the RCE flaw in Microsoft Malware Protection Engine, Microsoft wrote, "An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system".

Windows 10 users could face major security issues after Microsoft confirmed that some of its source code had been leaked online.

With its security suite of services, the Redmond-based company is using an "immunity through community" model.

The keys are removed from public versions of Windows to prevent users from gaining information about Microsoft's own source code. According to the Store description, Sway is a digital storytelling app for work, school and home that makes it quick and easy to create and share interactive reports, presentations, personal stories, and more. In a statement to The Verge, a Microsoft spokesperson says the entire source code was not stolen: "Our review confirms that these files are actually a portion of the source code from the Shared Source Initiative and is used by OEMs and partners".