Microsoft: Windows 10 is the safest and most zero-day vulnerabilities are no longer available
In terms of security, Microsoft often publishes reports that praise Windows 10 security, which of course provides some kind of motivation for enterprise users to upgrade. Recently, Microsoft also released a new report to explain this point. Microsoft reported in the report that the vast majority of Windows 10 zero-day vulnerabilities are no longer available. Although there is no guarantee that all users will install the cumulative update fix vulnerability immediately, there are other ways for Microsoft to provide additional security controls.
Engineers at Microsoft Security Response Center used telemetry data to categorize all attack cases that exploit zero-day vulnerabilities since the release of Windows 10. Microsoft engineers say that most zero-day vulnerabilities will fail within a few months of releasing a fix or fix and that an attacker can no longer exploit the vulnerability. If the user does not actively install the update compared to the previous legacy operating system, the vulnerability is always there and there will always be an attacker trying to exploit the vulnerability. The main reason for being able to quickly eliminate zero-day vulnerabilities is that Microsoft uses flow control protection and device protection to automatically enable mitigation measures for the system.
In fact, this is related to Microsoft Defender, which is enabled by default in Microsoft’s operating system. With this security software, Microsoft can quickly intercept attacks.
In the past 12 years, most of the vulnerabilities discovered by Microsoft versions have been related to memory management. Such vulnerabilities account for up to 70% of the total vulnerabilities. Vulnerabilities in memory management are often horrendous and very frequent, and such situations are a concern of Microsoft security engineers.
The Microsoft security team is currently exploring the use of the Rust programming language instead of C/C++, and Microsoft hopes to use the new programming language to reduce errors. This means that the frequency of security vulnerabilities in memory management classes may be reduced in the future, and the security of the entire operating system is greatly improved.
Via: ZDNet