
Google Expert on Windows 10 Security: Two Steps Forward, One Step Back


Batu69


Microsoft has improved some features but failed with others





Forshaw has also demoed an exploit which he'll release after Microsoft patches the flaw



Microsoft has made several security improvements in Windows 10, trying to offer users additional protection after upgrading, but while the company has managed to achieve its goal in some cases, it has failed in others.



That's what James Forshaw, an information security engineer at Google who is credited with the discovery of several major vulnerabilities in Microsoft software, said in a recent presentation called “Windows 10: Two steps forward, one step back.”



As The Reg notes, one of the things that exposes Windows 10 to an increased number of attacks is the fact that more system services are running by default, which gives attackers more targets to look at than in previous versions of Windows.



For example, Windows 10 has a total of 196 system services and 291 drivers that are enabled by default, Forshaw notes, while Windows 8.1 has only 169 and 253, respectively. Windows 7 was the most secure, with 150 services and 238 drivers.



“There are more system services and drivers which means more attack surface,” Forshaw explained during his keynote. “Local system is the god account on Windows and as we go towards (Windows) 10 more services as a percentage of the total are running as the absolute highest account. That's not great.”



The User Account Control saga



As far as User Account Control is concerned, this is now a feature that's easily failing its mission of protecting users. Forshaw explains that UAC has turned from a security tool into “something you just put there to annoy the user,” and at some level, he's right. UAC displays prompts to let you block or allow the running of applications that require administrator privileges, but right now, it can easily be bypassed by attackers.



The Google security expert claims that, while Microsoft is very likely to significantly improve UAC in Windows 10, these new upgrades won't be released to users of Windows 7 and 8.1, which means that an important share of users would remain unprotected.



Another area that Microsoft has improved in Windows 10 is Microsoft Edge, but like the OS as a whole, it still has flaws that could expose users. The best example is the Adobe Flash support, which Forshaw says keeps it simple for hackers to compromise a system using a malicious website.



“Microsoft could have led the way and said ‘I refuse to run (Adobe) Flash ever again in my web browser’ but unfortunately they did not take that inspired option,” Forshaw said, while explaining that, in Google's case, Chrome users are protected because Flash content is loaded in an isolated state.



Source

