Windows 10 Anniversary Update saves the day against zero-day threats

by Radu Tyrsina
Radu Tyrsina
Radu Tyrsina
CEO & Founder
Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time). For most of the kids of... read more
Updated on
Affiliate Disclosure

System protection is and always will be a top concern for all parties involved since there are many who will try to take advantage of different situations with software. Well-designed security measures will stop them from doing so, though, like how Microsoft’s Windows 10 recently overcame odds and managed to block some zero-day threats without even patching against them.

Microsoft released an extensive post through its representatives Elia Florio and Matt Oh recently, part of Microsoft’s Windows Defender ATP research team. They had tuned in to educate people about zero-day threats and how Microsoft put a countermeasure in place that seems to have worked. The countermeasure against zero-day threats is actually referred to as zero-day exploit mitigation and has been made part of Windows Anniversary Update.

In this most recent situation, the group Strontium was behind a series of attacks back in October using the CVE-2016-7255 vulnerability. The attacks were against targets from the US using a combination of a Microsoft Windows 10 vulnerability and a Flash Player back door. Attackers tried to gain access and compromise sensitive information but that didn’t happen because the zero-day mitigation systems put in place by Microsoft stopped them from being able to get past the second phase.

If you have experienced a BSOD in that time period this might have been the reason. However, a BSOD is the only damage attackers were able to do to targets. There is also an explanation of how Windows was able to fend off the threat: It seems that the mitigations used by the developer rely on additional checking of length fields and securing virtual address ranges so that they can’t be used for RW primitives.

While a patch came later on, it’s great to know that Windows 10 is able to protect users — Microsoft’s statement for those that feel like sitting ducks using Microsoft’s OS.

This article covers:Topics: