
Microsoft announces Windows Server 2022 with new security features






Microsoft says that Windows Server 2022 will come with security improvements and will bring Secured-core to the Windows Server platform.

Windows Server 2022 is now in preview and "provides secured connectivity enabled by industry-standard AES 256 encryption," as Microsoft announced today.

The next Windows Server release will also improve hybrid server management by enhancing performance monitoring and event alerts in Windows Admin Center.


"Furthermore, this release includes significant improvements to Windows container runtime, such as virtualized time zones and IPV6 support for globally scalable apps, as well as containerization tools for .NET, ASP.NET, and IIS applications," Microsoft added at Microsoft Ignite 2021.


Windows Server 2022 also brings Secured-core to Windows Server for added protection against a wide range of threats.

Secured-core servers with built-in threat protection
Secured-core PCs come as a solution for the increasing number of firmware vulnerabilities that attackers can exploit to bypass a Windows machine's Secure Boot and for the lack of visibility at the firmware level present in today's endpoint security solutions.


Built-in protection capabilities designed to protect users from threats (both state-sponsored hacking attacks and commodity malware) abusing firmware and driver security flaws are included with all Secured-core PCs since October 2019.

They can defend users against malware designed to take advantage of driver security flaws to disable security solutions.


Secured-core PCs built by Microsoft in collaboration with OEM partners and silicon vendors protect users against such attacks by following these requirements:

Loading Windows securely: Enabled with Hypervisor Enforced Integrity, a Secured-core PC only starts executables signed by known and approved authorities. Also, the hypervisor sets and enforces permissions to prevent malware from modifying memory and making it executable.

Firmware protection: System Guard Secure Launch uses the CPU to validate the device to boot securely, preventing advanced firmware attacks.

Identity protection: Windows Hello allows you to sign in without a password, and Credential Guard leverages VBS to prevent identity attacks.

Secure, hardware-isolated operating environment: Uses the Trusted Platform Module 2.0 and a modern CPU with dynamic root of trust measurement (DRTM) to boot up your PC securely and minimize firmware vulnerabilities.

Secured-core servers now follow these provisions to boot securely, protect themselves from firmware security bugs, shield the OS from attacks, prevent unauthorized access, and secure users' identity and domain credentials.


Together, Windows Server 2022 and Secured-core add the following preventative defense capabilities to servers:

Enhanced exploit protection: Hardware innovations allow for robust and performant implementations of exploit mitigations. Hardware-enforced Stack Protection will take advantage of the latest chipset security extension, Control-flow Enforcement Technology. Windows Server 2022 and protected applications will be secured from a common exploit technique, return-oriented programming (ROP), often used to hijack intended control flow of a program.

Connection security: Secure connections are at the heart of today’s interconnected systems. Transport Layer Security (TLS) 1.3 is the latest version of the internet’s most deployed security protocol, which encrypts data to provide a secure communication channel between two endpoints. TLS 1.3 eliminates obsolete cryptographic algorithms, enhances security over older versions, and aims to encrypt as much of the handshake as possible. Windows Server 2022 includes TLS 1.3 enabled by default, protecting the data of clients connecting to the server.

Improved account support for containers: Containers are being embraced by many customers as a preferred building block for their applications and services. Customers use group Managed Service Accounts (gMSA) as the recommended Active Directory identity solution for running a service across a server farm.

Today, anyone trying to containerize their Windows services and applications that use gMSA is required to domain join their container host to enable gMSA functionality.

This can cause scalability and management issues. Windows Server 2022 supports improvements to gMSA for Windows Containers that allow you to enable support for gMSA without domain joining the host.
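For admins who want to confirm that the capabilities listed above are actually active on a given server, here is a read-only posture check added to this post (it is not from the article or from Microsoft). It assumes an elevated PowerShell session on Windows Server 2022; the Win32_DeviceGuard status codes, Win32_Tpm.SpecVersion and the SCHANNEL registry layout are documented Windows interfaces, while the UserShadowStack section of Get-ProcessMitigation is an assumption that may not exist on older builds.

```powershell
# Added example: posture check for the Secured-core / Server 2022 features
# named in the article. Read-only; run elevated on Windows Server 2022.
$results = [ordered]@{}

# Virtualization-based security services from the Win32_DeviceGuard class.
# SecurityServicesRunning codes: 1 = Credential Guard, 2 = HVCI (memory
# integrity), 3 = System Guard Secure Launch (the DRTM-based boot).
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
$results['VBS running']              = $dg.VirtualizationBasedSecurityStatus -eq 2
$results['Credential Guard running'] = $dg.SecurityServicesRunning -contains 1
$results['HVCI running']             = $dg.SecurityServicesRunning -contains 2
$results['Secure Launch running']    = $dg.SecurityServicesRunning -contains 3

# TPM 2.0: Win32_Tpm.SpecVersion is a string such as "2.0, 0, 1.38".
$tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' -ClassName Win32_Tpm -ErrorAction SilentlyContinue
$results['TPM 2.0 present'] = ($null -ne $tpm) -and ($tpm.SpecVersion -like '2.0*')

# TLS 1.3 is on by default in Server 2022, so only an explicit Enabled=0 under
# the SCHANNEL protocol key turns it off. Also confirm the TLS 1.3 suites are
# present in the system cipher suite list.
$tls13Key = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Server'
$tls13Disabled = (Test-Path $tls13Key) -and ((Get-ItemProperty $tls13Key).Enabled -eq 0)
$tls13Suites = @('TLS_AES_256_GCM_SHA384', 'TLS_AES_128_GCM_SHA256', 'TLS_CHACHA20_POLY1305_SHA256')
$offered = @(Get-TlsCipherSuite | Where-Object { $_.Name -in $tls13Suites })
$results['TLS 1.3 not disabled by policy'] = -not $tls13Disabled
$results['TLS 1.3 suites offered']         = $offered.Count -gt 0

# Hardware-enforced stack protection (CET shadow stacks) for user mode.
# Assumption: this build exposes a UserShadowStack section in the system
# mitigation policy; if it does not, report "unknown" rather than fail.
try {
    $sys = Get-ProcessMitigation -System
    $results['User shadow stack (CET) on'] = ([string]$sys.UserShadowStack.UserShadowStack) -eq 'ON'
} catch {
    $results['User shadow stack (CET) on'] = 'unknown'
}

# One line per check: name, then $true / $false / unknown.
$results.GetEnumerator() | ForEach-Object { '{0,-32} {1}' -f $_.Key, $_.Value }
```

A $false on "VBS running" or "Secure Launch running" usually means a firmware or hardware prerequisite (UEFI Secure Boot, IOMMU, DRTM support) is missing rather than a policy setting, so check the platform before changing Group Policy.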





Secured-core for Azure IoT Edge devices
Microsoft also introduced the Edge Secured-core device label at Microsoft Ignite 2021 to identify Azure IoT Edge devices that meet the Secured-core spec.

The new device label is now in public preview within the Azure Certified Device program after previously being announced for Windows enterprise devices.


"Now, enterprise customers seeking Internet of Things (IoT) devices that meet the Azure defined security bar can easily identify device models that have the Edge Secured-core label in the Azure Device Catalog," Microsoft said. "As part of this requirement, devices will have Azure Defender for IoT built-in."



