Windows 10 Security 'good against zero days!'

[sof006]

 

 

Quote from source

 

Microsoft's Windows Defender security team tested the Anniversary Update against CVE-2016-7255, a zero-day flaw used by the Fancy Bear hackers targeting US organizations in October, and CVE-2016-7256, which was used against South Korean targets. Both kernel-level exploits resulted in elevation of privileges and were patched in November.

While systems running older versions of Windows would have been compromised, systems on the Anniversary Update would have been protected, according to Microsoft's analysis.

Source

 

Looks like Microsoft has been doing something right with these rolling updates for Windows 10 that fix multiple things in one go via a system upgrade instead of patching a few things via Windows update.

What do you guys think? Anyone here upgraded to anniversary update or has anyone here disabled Windows update all together?

 

[mynameisjuan]

While I view this a good thing a lot of people view updates that they cannot control as a bad thing. 

 

Security should be priority on any OS and its great that windows is becoming more and more secure.

[dfsdfgfkjsefoiqzemnd]

So they have been able to stop two zero-day exploits out of the hundreds that are probably out there.  Whoop-de-doo.  Standing ovation.

 

EDIT: ok, I misread the methods used by these exploits.

Still, if it smells like PR bullshit and it looks like PR bullshit, it probably isn't a pigeon throwing busses at a flying saucer.

[sazrocks]

What about that one kernel exploit that was usable through the browser to gain access to the kernel, yet it took Microsoft over a week and the bug going public for them to even acknowledge it.

[GoodBytes]

While this is very cool and nice. This kind of news should be seen as PR, as it is one.

 

This is like me saying:

GoodBytes is the best mod in the world. He is the winner of 3x GoodByte's Global Mod Awards.

While exciting (at least to me), it has little value in reality.

 

Now, if it was a third party, trustworthy, well known security group, completely independent, then yea, that some news worthy news.

But that is just my opinion.

[PocketNerd]

1 hour ago, mynameisjuan said:

While I view this a good thing a lot of people view updates that they cannot control as a bad thing. 

 

Security should be priority on any OS and its great that windows is becoming more and more secure.

Easy fix for that. Make security updates mandatory, but feature updates optional.

[mynameisjuan]

8 minutes ago, PocketNerd said:

Easy fix for that. Make security updates mandatory, but feature updates optional.

But look at the last security update, it broke multi-monitor gaming and look at the shit storm that caused. 

 

Why I would love security to be mandatory people will still complain about it. 

[HarryNyquist]

4 minutes ago, PocketNerd said:

Easy fix for that. Make security updates mandatory, but feature updates optional.

Then every feature update will be bundled with security updates to make them mandatory anyway. 

 

I find it interesting, also, that the people who complain the most bought a W10 Home license from wherever, instead of buying a W10 pro license that would enable them to group-policy-edit updates into not even downloading without permission. I haven't bothered to update until they get that multimonitor crap corrected.

 

The more I see these complaints from enthusiasts the more I wonder why you'd be willing to spend $2k+ on a computer and cripple it by either using the wrong operating system, or by not using the provided configuration tools to make it work exactly as you'd like it to. The automatic update options are still available on W10 Pro unlike those few others that got nixed to Enterprise.

[AresKrieger]

6 minutes ago, HarryNyquist said:

I find it interesting, also, that the people who complain the most bought a W10 Home license from wherever, instead of buying a W10 pro license that would enable them to group-policy-edit updates into not even downloading without permission. I haven't bothered to update until they get that multimonitor crap corrected.

I think your assumption is incorrect they "upgraded" from past windows OS and got the home license as a result unless they already had a pro license or better

[HarryNyquist]

4 minutes ago, AresKrieger said:

I think your assumption is incorrect they "upgraded" from past windows OS and got the home license as a result unless they already had a pro license or better

True, But still. Pro lets them do everything they want to do, and that's not exactly secret knowledge. The complaining at this point is just getting old.

[dfsdfgfkjsefoiqzemnd]

10 minutes ago, HarryNyquist said:

True, But still. Pro lets them do everything they want to do, and that's not exactly secret knowledge.

True, but then again in Win7 there was little reason to go beyond Home unless you had more than 16GB of RAM.  You never really needed the Group Police Editor etc because the OS wasn't doing stuff behind your back and you had plenty of control over what it was doing otherwise. 

I only upgraded to Win7 Pro when I noticed that my new PC was only using half of its RAM, I was perfectly happy on Win7 Home Premium before that.  If I had taken the upgrade offer to Win10, I would have been on Win10 Home and cursing like a madman because then I would have needed GPE etc. 

[Dabombinable]

1 hour ago, Captain Chaos said:

True, but then again in Win7 there was little reason to go beyond Home unless you had more than 16GB of RAM.  You never really needed the Group Police Editor etc because the OS wasn't doing stuff behind your back and you had plenty of control over what it was doing otherwise. 

I only upgraded to Win7 Pro when I noticed that my new PC was only using half of its RAM, I was perfectly happy on Win7 Home Premium before that.  If I had taken the upgrade offer to Win10, I would have been on Win10 Home and cursing like a madman because then I would have needed GPE etc. 

And that's where I'm lucky. I gave my old rig with its copy of Windows 7 Home to my friend (they didn't want Windows 10), and used the copy of Windows 7 Pro that my Mum originally bought for one of her second hand laptops which had died (working working working, pop, fizzle, not even the fan starts). I'm also lucky when it comes to working on her laptops because my Mum only buys Windows ** Pro, meaning that I always have full control of the OS.

[PocketNerd]

2 hours ago, mynameisjuan said:

But look at the last security update, it broke multi-monitor gaming and look at the shit storm that caused. 

 

Why I would love security to be mandatory people will still complain about it. 

Yeah, that's an issue that they should have found pretty easily and fixed on their own before release. That said, there's no way you're going to make people 100% happy or remove all issues.

[vorticalbox]

2 hours ago, PocketNerd said:

Easy fix for that. Make security updates mandatory, but feature updates optional.

The easy fix is to use an operating system that isn't insecure at a fundamental level or just copy Linux.

 

Don't make .exe executable until marked as such by the user. Requiring a user to type their password to do any root operations.

 

Security should never take a back seat usability.

 

 

[Sniperfox47]

6 hours ago, sof006 said:

 

 

Quote from source

 

Microsoft's Windows Defender security team tested the Anniversary Update against CVE-2016-7255, a zero-day flaw used by the Fancy Bear hackers targeting US organizations in October, and CVE-2016-7256, which was used against South Korean targets. Both kernel-level exploits resulted in elevation of privileges and were patched in November.

While systems running older versions of Windows would have been compromised, systems on the Anniversary Update would have been protected, according to Microsoft's analysis.

Source

 

Looks like Microsoft has been doing something right with these rolling updates for Windows 10 that fix multiple things in one go via a system upgrade instead of patching a few things via Windows update.

What do you guys think? Anyone here upgraded to anniversary update or has anyone here disabled Windows update all together?

 

A) if they're known CVEs they're no longer zero day exploits... It's defense against Zero day exploits is negligible because Zero Day exploits are specifically those exploits *NOT* known to the vendor. Testing them at this point has no relevance about their usefulness as Zero Days...

 

B) They're kernel level exploits... The anniversary update has a different kernel... It should surprise exactly no one that the exploit broke due to a change they made in the kernel.

 

If the change was because they went "hey this can be exploited so we better fix it!" then it says nothing about Zero Days because it's no longer a Zero Day.

 

If the change was because they tweaked something in such a way the exploit no longer works, it says absolutely jack all about Windows security.

[Marinatall_Ironside]

6 hours ago, sof006 said:

 

-snip-

 

Quote from source

 

Microsoft's Windows Defender security team tested the Anniversary Update against CVE-2016-7255, a zero-day flaw used by the Fancy Bear hackers targeting US organizations in October, and CVE-2016-7256, which was used against South Korean targets. Both kernel-level exploits resulted in elevation of privileges and were patched in November.

While systems running older versions of Windows would have been compromised, systems on the Anniversary Update would have been protected, according to Microsoft's analysis.

-snip-

Looks like Microsoft has been doing something right with these rolling updates for Windows 10 that fix multiple things in one go via a system upgrade instead of patching a few things via Windows update.

What do you guys think? Anyone here upgraded to anniversary update or has anyone here disabled Windows update all together?

 

 

6 hours ago, mynameisjuan said:

While I view this a good thing a lot of people view updates that they cannot control as a bad thing. 

 

Security should be priority on any OS and its great that windows is becoming more and more secure.

Same here too. I'm using my Kaspersky Antivirus 1-year license that I got with my Rampage V Edition 10. When that expires, I'll switch back to Defender according to the source.

[captain_to_fire]

With that said, can Microsoft make Windows Updates less obtrusive like that of Apple's macOS? With that said, I guess Microsoft is really doing well in securing their operating system. In the latest AV-Comparatives report from July to November 2016, Windows Defender scored 97% in Real Time Protection.

 

 

[Sniperfox47]

9 minutes ago, hey_yo_ said:

With that said, can Microsoft make Windows Updates less obtrusive like that of Apple's macOS? With that said, I guess Microsoft is really doing well in securing their operating system. In the latest AV-Comparatives report from July to November 2016, Windows Defender scored 97% in Real Time Protection.

 

 

They also have a lot of false positives in their readings though, to be fair. 

[gamerking]

6 hours ago, sof006 said:

 

 

Quote from source

 

Microsoft's Windows Defender security team tested the Anniversary Update against CVE-2016-7255, a zero-day flaw used by the Fancy Bear hackers targeting US organizations in October, and CVE-2016-7256, which was used against South Korean targets. Both kernel-level exploits resulted in elevation of privileges and were patched in November.

While systems running older versions of Windows would have been compromised, systems on the Anniversary Update would have been protected, according to Microsoft's analysis.

Source

 

Looks like Microsoft has been doing something right with these rolling updates for Windows 10 that fix multiple things in one go via a system upgrade instead of patching a few things via Windows update.

What do you guys think? Anyone here upgraded to anniversary update or has anyone here disabled Windows update all together?

 

im on anniversary and have disabled win updates im tired of it waking my pc even when i have the option disabled so i killed the service.when it tries  it may now only run at 25:00 since 25:00 is invalided it errors out and doesnt do anything

[captain_to_fire]

1 minute ago, Sniperfox47 said:

They also have a lot of false positives in their readings though, to be fair. 

Which is ironic since it's Microsoft's own platform and they're not doing well in ignoring false positives and they don't have the best detection rates. But still 97% in real time protection is a welcome improvement though I'd still prefer Kaspersky or Bitdefender for my parents PC. They're the kind of people who will click on anything.

[Sniperfox47]

1 minute ago, hey_yo_ said:

Which is ironic since it's Microsoft's own platform and they're not doing well in ignoring false positives and they don't have the best detection rates. But still 97% in real time protection is a welcome improvement though I'd still prefer Kaspersky or Bitdefender for my parents PC. They're the kind of people who will click on anything.

Yup. And when for $60 Canadian you can get 2 years of the family pack that allows unlimited PCs... I'll stick with Bitdefender even if it struggles with full Windows 10 support.

[PocketNerd]

5 hours ago, vorticalbox said:

The easy fix is to use an operating system that isn't insecure at a fundamental level or just copy Linux.

 

Don't make .exe executable until marked as such by the user. Requiring a user to type their password to do any root operations.

 

Security should never take a back seat usability.

 

 

That might fly for power users, that ain't going to fly with the average joe luser.

 

Also, Linux ain't perfect either.

[Belgarathian]

8 hours ago, mynameisjuan said:

While I view this a good thing a lot of people view updates that they cannot control as a bad thing. 

 

Security should be priority on any OS and its great that windows is becoming more and more secure.

What would be better is if we had the option for 'optional updates (drivers, etc)' but security updates were installed on shutdown/startup automatically without permission

[captain_to_fire]

5 hours ago, vorticalbox said:

The easy fix is to use an operating system that isn't insecure at a fundamental level or just copy Linux.

 

Don't make .exe executable until marked as such by the user. Requiring a user to type their password to do any root operations.

 

Security should never take a back seat usability.

 

 

You mean warning the user when installing applications? Windows already did that. Sort off.

 

When you download an application using Microsoft Edge, it will scan the app if it's digitally signed by Microsoft. If the app isn't signed, it will show a red warning if you're sure about running the app because it's not commonly downloaded and not digitally signed which could harm your computer.

 

But then, .exe files isn't the only way to execute malware to a PC. There's the drive by download attack where the malware is embedded on the website and can inject malicious code to the temporary internet folder. The malicious code could just be a cute animated gif but is actually a ransomware in disguise. 

[captain_to_fire]

24 minutes ago, Belgarathian said:

What would be better is if we had the option for 'optional updates (drivers, etc)' but security updates were installed on shutdown/startup automatically without permission

If there's one thing I wish Microsoft would copy from Apple is the unobtrusiveness of macOS in handling software updates. They can't seem to do that so it makes me think Unix is better than Windows NT.