Windows 10 Anniversary Update thwarted zero-day exploits last year prior to release of patches

By: Edward Hudson

Security is Microsoft’s main selling point for the latest version of its desktop operating system. The software giant is now reiterating that it is serious about that goal by showing how, at some point in 2016, it thwarted some zero-day exploits before patches became available.

The Microsoft Malware Protection Center team illustrated how the latest Windows 10 security features defeated two zero-day vulnerabilities in November 2016 even before Microsoft patched those flaws. Those security features were part of the Anniversary Update that Microsoft rolled out last summer.

Microsoft said that it tested the exploits against mitigation techniques released in August 2016. The goal was to demonstrate how those techniques might mitigate future zero-day exploits that have the same traits. The Redmond company said in a blog post:

“A key takeaway from the detonation of zero-day exploits is that each instance represents a valuable opportunity to assess how resilient a platform can be — how mitigation techniques and additional defensive layers can keep cyberattacks at bay, while vulnerabilities are being fixed and patches are being deployed. Because it takes time to hunt for vulnerabilities and it is virtually impossible to find all of them, such security enhancements can be critical in preventing attacks based on zero-day exploits.”

Microsoft also said it demonstrated how exploit mitigation techniques in Windows 10 Anniversary Update neutralized the underlying exploit methods, not just the specific exploits themselves. This reduced the attack surface that would have paved the way for future zero-day exploits.

More specifically, the team examined two kernel-level exploits that advanced persistent threat group STRONTIUM used to attempt to attack Windows 10 users. The first exploit targeted the vulnerability tracked as CVE-2016-7255, which Microsoft detected in October 2016 as part of a spear-phishing campaign that targeted think tanks and nongovernmental organizations in the U.S. The APT group combined the bug with an Adobe Flash Player flaw, a common ingredient in many attacks.

The second exploit targeted CVE-2016-7256, an OpenType font elevation-of-privilege vulnerability, and surfaced as part of attacks against South Korean victims in June 2016. Both exploits escalated privileges. The Windows 10 security techniques that came with the Anniversary Update blocked both threats.
