Microsoft is currently hosting their Ignite conference, which is somewhat the successor of TechEd. Monday kicked off with a couple of keynotes, including one from Satya Nadella himself, but this post will focus on a specific announcement: Windows Defender Application Guard.
With a typical web browser, a malicious website can infect the user's PC by exploiting an unpatched vulnerability before the user updates their browser. The next feature release of Windows 10 is expected to include virtualization technology, again called Windows Defender Application Guard, which runs websites in a lightweight virtual machine if they are opened in Edge and not part of a whitelist. This means that an attacker who wants to infect the user's device not only needs to know of a vulnerability in Edge; they also need to know of a vulnerability in the virtual machine, and they must be able to use the Edge vulnerability to exploit it. Especially for enterprise environments, where ransomware that encrypts any data it finds can be devastating, this should add a huge wall protecting a large, complex application platform (the web browser) from untrusted third parties (websites).
Of course, this concept isn't new. Not only are virtual PCs common in the enterprise for security and control reasons, but applications like Sandboxie have more directly implemented similar ideas. Still, having it be a built-in feature of the operating system should mean that it gets even more support with regard to performance and stability, versus tacking on a third-party solution through public APIs.
Speaking of public APIs — Microsoft won't be providing one at first. It will only be used for Edge for the time being. Also, it's only available for Windows 10 Enterprise, so I hope you didn't get your hopes up.
Wow, that turned dark real quick.
Funny that Microsoft would do this, considering that they are one of the largest malware developers out there
Well, if they are the biggest malware developers, it makes perfect sense. They want to be the only ones having all people's personal data. Monopolistic tactics in the malware market. :p
That’s those Lords of Redmond's true intent: your PC/laptop hardware belongs to M$ if you use Windows 10, and how dare anyone other than M$ get access to all your personal data. Before long Windows 10/Edge will be blocking all the ads except the ones delivered by Windows 10 through the Windows 10 OS (ad system). The individual as a Universal Windows Peasant (UWP) is what M$ plans for the Windows 10 market! All your PC/Laptop hardware is belong to M$! You agreed to the EULA of eternal servitude, kneel down all ye Windows 10 serfs to your Lords of Redmond!