
Five security threats Windows 10 protects you against

Love it or hate it, Windows 10 is a pretty secure OS

Windows 10 has as many detractors as it does fans. However, there's one area where it does improve things without any doubt, and that's security.

Here are five security threats which Windows 10 protects your PC from...

Closing vulnerability exploit windows

Arguably, the single most important security feature in this, and any, version of Windows is nothing new. Windows Update first saw light of day back in Windows 95, and that was more than 20 years ago. It still does what it did then, which is deliver patches for the operating system, but now it does it better than it ever has before.

Both the Home and Pro editions bypass the WUAPP.exe application and instead get their updates directly from the cloud-based catalog.update.microsoft.com servers. Because updates are allowed automatically and downloaded as soon as possible, the exploit window between a vulnerability being disclosed and the system being patched stays as short as possible.

Bring Your Own Device dangers

Conditional Access, which replaced the old Network Access Protection (NAP) technology that limited network access until a computer was proven safe enough, brings a different focus. NAP checked system health by looking at such things as OS updates being installed, a firewall enabled and antivirus signatures being current.

Conditional Access is more concerned with Bring Your Own Device (BYOD) management. It still requires a health check, but it's a cloud-based one that works with mobile device management tools to ensure secure boot state and measured boot data are OK, along with the system updates, etcetera. It does require UEFI firmware and a TPM chip in order to work, though.

Advanced Persistent Threats (APT)

The Device Guard feature of Windows 10 is actually a combination of hardware and software features that should make your PC more resilient when it comes to falling victim to an Advanced Persistent Threat (APT) attack.

Because it requires a mixture of hardware and software technologies along with the OS controls in order to work, watch out for PCs with the 'Device Guard Ready' label - these are the ones you want. The OS controls include UEFI firmware Secure Boot and Kernel Mode Code Integrity (KMCI), User Mode Code Integrity (UMCI), and AppLocker. By using a locked-down program execution model that only runs programs from a trusted list, Device Guard makes the combination of social engineering and malware that APTs rely upon harder to pull off.

Code injection and Buffer overrun exploits

Virtualisation Based Security (VBS) moves part of the OS kernel into a virtual machine under Windows 10, enforced through Hypervisor Code Integrity (HVCI). This makes it much harder for operating system threats using buffer overruns or code injection to work successfully.

This is because controls that are often targeted by such threats, including Kerberos tickets and NTLM hashes, now exist outside the OS itself. Indeed, by isolating the Local Security Authority Subsystem Service (LSASS) and the kernel in this manner, code integrity can be determined outside of the OS, where it's much safer from the threat of kernel-level malware.
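To check whether the protections described in the last three sections are actually active on a given PC, the following PowerShell sketch (an added example, not part of the original article) reads Secure Boot, TPM and VBS state. It assumes an elevated session on Windows 10 and uses the Win32_DeviceGuard WMI class; the function name Get-VbsPosture is hypothetical.

```powershell
# Added example: report Secure Boot, TPM, VBS, HVCI and Credential Guard state.
# Assumes an elevated PowerShell session on Windows 10 or later.
function Get-VbsPosture {   # hypothetical helper name
    # Value-to-name maps for Win32_DeviceGuard properties
    $vbsStatus = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Enabled and running' }
    $services  = @{ 1 = 'Credential Guard'; 2 = 'HVCI' }
    $hwProps   = @{ 1 = 'Hypervisor support'; 2 = 'Secure Boot'; 3 = 'DMA protection' }

    # Translate a list of numeric codes, keeping unknown codes visible
    $decode = {
        param($values, $map)
        $names = foreach ($v in @($values)) {
            if ($v -eq 0) { continue }   # 0 means "none"
            if ($map.ContainsKey([int]$v)) { $map[[int]$v] } else { "Unknown($v)" }
        }
        @($names) -join ', '
    }

    $dg = Get-CimInstance -ClassName Win32_DeviceGuard `
            -Namespace 'root\Microsoft\Windows\DeviceGuard' -ErrorAction Stop

    # Confirm-SecureBootUEFI throws on legacy BIOS systems; report that as off
    try   { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
    catch { $secureBoot = $false }

    # Get-Tpm fails without elevation or a TPM; report that as not ready
    try   { $tpm = Get-Tpm -ErrorAction Stop; $tpmReady = $tpm.TpmPresent -and $tpm.TpmReady }
    catch { $tpmReady = $false }

    $running = @($dg.SecurityServicesRunning)
    [pscustomobject]@{
        SecureBoot             = $secureBoot
        TpmReady               = $tpmReady
        VbsStatus              = $vbsStatus[[int]$dg.VirtualizationBasedSecurityStatus]
        HardwareAvailable      = & $decode $dg.AvailableSecurityProperties $hwProps
        ServicesConfigured     = & $decode $dg.SecurityServicesConfigured $services
        ServicesRunning        = & $decode $running $services
        HvciRunning            = $running -contains 2
        CredentialGuardRunning = $running -contains 1
    }
}

Get-VbsPosture | Format-List
```

A service that appears under ServicesConfigured but not under ServicesRunning usually points to a missing hardware prerequisite or a pending reboot.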

Internet Explorer exploits

Microsoft Edge isn't an update to Internet Explorer; it's a complete from-the-ground-up rewrite that doesn't use the old Win32 API. Instead it is a Universal Windows App (UWA), which means it can run inside the UWA container sandbox for added security.

This isn't to say it shares nothing with Internet Explorer: there are some similarities, mainly on the design front, such as using a fork of the Trident layout engine. But it does significantly reduce the attack surface of the browser. Edge does not provide backwards compatibility for existing extensions, nor does it support ActiveX controls or Browser Helper Objects, both much beloved by malware developers.
