The Microsoft Malware Protection Center team illustrated how the latest Windows 10 security features defeated two zero-day vulnerabilities in November 2016, even before Microsoft patched those flaws. Those security features were part of the Anniversary Update that Microsoft rolled out last summer.

Microsoft said it was testing the exploits against the mitigation techniques released in August 2016. The goal was to demonstrate how those techniques might mitigate future zero-day exploits that have the same traits. The Redmond company said in a blog post:

Microsoft also said it demonstrated how the exploit mitigation techniques in the Windows 10 Anniversary Update neutralized the exploit methods, not just the specific exploits themselves. This reduced the attack surface that would otherwise have paved the way for future zero-day exploits.

More specifically, the team examined two kernel-level exploits that the advanced persistent threat group STRONTIUM used in attempts to attack Windows 10 users. The first is tracked as CVE-2016-7255, which Microsoft detected in October 2016 as part of a spear-phishing campaign that targeted think tanks and nongovernmental organizations in the U.S. The APT group combined the bug with an Adobe Flash Player flaw, a common ingredient in many attacks.

The second exploit is tracked as CVE-2016-7256, an OpenType font elevation-of-privilege exploit that surfaced as part of the attacks against South Korean victims in June 2016. Both exploits escalated privileges. The Windows 10 security techniques that came with the Anniversary Update blocked both threats.
