For the past few months, Microsoft has been touting the security features available to customers using Windows 10, especially with the increase in ransomware attacks. It even vowed to raise the bar for security with the upcoming Fall Creators Update.
Now, the company has published yet another blog post persuading customers to upgrade to the latest version of Windows 10, citing increasing security threats.
Microsoft explains that it previously used to release major Windows updates once every few years because only a few exploits existed at the time, mainly Stack overrun, Return Address Corruption, and Shell Code.
However, the scenario is very different nowadays, with new security threats and exploitation techniques popping up frequently. Some of these include Sandbox bypass, Heapspray, ASLR bypass, and ROP Shellcode. As a result, Microsoft has transitioned to the Windows as a Service (WaaS) model where updates are released every six months to offer new features and combat security threats.
Microsoft has also detailed the various threat mitigation techniques utilized in Windows 10 that are enabled by default, regardless of the Windows 10 edition being utilized. These include Heap and Kernel pool protections, Win32k Syscall filtering, Less Privileged App Container (LPAC), and Control Flow Guard.
The company notes that Universal Windows apps, and even Classic (Win32) applications downloaded from the Windows Store, boast their own protection systems. Microsoft explains that it is "highly unlikely" that customers encounter malware when utilizing these apps, because software submitted to the Windows Store goes through a meticulous screening process befoe being made publicly available.
Microsoft states that the main reasons for implementing threat mitigation techniques in Windows 10 are as follows:
- Reducing the attack surface of Windows Platform
- Takes soft target out of the picture
- Eliminates existing exploitation techniques so that new techniques need to be found.
- Reducing impact of vulnerability by isolation.
- Make overall exploitation harder and expensive
The company explains that all these reasons make it essential to upgrade to Windows 10, which will keep you safer from modern security threats as compared to older operating systems.