New secured-core PCs to thwart RobbinHood attacks


Published on March 19, 2020


Microsoft has provided detailed information about secured-core computers—a new class of devices with built-in fortification against cybersecurity threats.

The company has been developing the fortified Windows 10 PCs jointly with its OEM partners. It is talking up a new chip-to-cloud strategy that provides multi-level system protection.

RobbinHood malware attacks

Secured-core PCs come with defenses against the RobbinHood malware (and other threats) enabled out of the box.

Such a threat may prevent you from accessing your computer or data. Also, an attacker can use it to ask for a specific amount of money as a precondition for releasing your system.

Baltimore’s government suffered a similar breach of cybersecurity last year after hackers seized part of the city’s information technology system.

In a typical RobbinHood attack, the malware targets your operating system’s kernel. From there, it can execute the lowest-level and most sensitive functions of the OS.

The ransomware contains multiple files, one of which can give an attacker elevated kernel privileges. Once this happens, the intruder may disable kernel-mode driver signing and validation.

That breach paves the way for loading a malicious driver with kernel-level privileges, which can then do things like turn off security features or tools.

That is why Microsoft is proposing a multifaceted approach to protecting the kernel. The strategy would involve building cybersecurity into the PC’s chip, OS, and the cloud.

Guarding against kernel attack

With secured-core devices, Hypervisor-protected code integrity (HVCI) verifies each driver that loads into the kernel. It makes it difficult for RobbinHood malware to introduce and run an unsigned driver in the kernel.

Secured-core PCs are the latest hardware to provide driver control out of the box, with baseline configuration already set. Driver control is provided by a combination of HVCI & Windows Defender Application Control (WDAC) technologies.
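One way to check the driver-control state described above on a Windows 10 machine, as an added example that is not from Microsoft or the original article. It reads the Win32_DeviceGuard CIM class; the function name `Get-DriverControlStatus`, the `DriverControlEnforced` rollup (this example's reading of "HVCI & WDAC") and the sample object are assumptions made for illustration.

```powershell
# Added example: interpret Win32_DeviceGuard to see whether HVCI and a code
# integrity (WDAC) policy are actually running, not merely configured.
function Get-DriverControlStatus {
    param(
        # Defaults to the live machine; pass a constructed object to run offline.
        $DeviceGuard = (Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                                        -ClassName 'Win32_DeviceGuard' -ErrorAction Stop)
    )

    # Value meanings as documented for Win32_DeviceGuard.
    $vbsStates = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Running' }
    $ciStates  = @{ 0 = 'Off'; 1 = 'Audit'; 2 = 'Enforced' }

    $vbs = [int]$DeviceGuard.VirtualizationBasedSecurityStatus
    $ci  = [int]$DeviceGuard.CodeIntegrityPolicyEnforcementStatus

    # In the SecurityServices* arrays, 2 = HVCI and 3 = System Guard Secure Launch.
    $hvciConfigured = $DeviceGuard.SecurityServicesConfigured -contains 2
    $hvciRunning    = $DeviceGuard.SecurityServicesRunning -contains 2

    [pscustomobject]@{
        VbsStatus             = $vbsStates[$vbs]
        HvciConfigured        = $hvciConfigured
        HvciRunning           = $hvciRunning
        SecureLaunchRunning   = $DeviceGuard.SecurityServicesRunning -contains 3
        CodeIntegrityPolicy   = $ciStates[$ci]
        # Assumption: "driver control" needs VBS running, HVCI running and an
        # enforced (not audit-only) code integrity policy.
        DriverControlEnforced = ($vbs -eq 2) -and $hvciRunning -and ($ci -eq 2)
    }
}

# Constructed sample (not real telemetry): HVCI is configured but did not start,
# and the code integrity policy is audit-only, so driver control is not enforced.
$sample = [pscustomobject]@{
    VirtualizationBasedSecurityStatus    = 2
    SecurityServicesConfigured           = @(2)
    SecurityServicesRunning              = @(1)
    CodeIntegrityPolicyEnforcementStatus = 1
}
Get-DriverControlStatus -DeviceGuard $sample | Format-List
```

Calling `Get-DriverControlStatus` with no argument queries the local machine instead of the sample; a gap between `HvciConfigured` and `HvciRunning` is the case worth alerting on in a fleet report.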

Additionally, these fortified devices come with built-in defenses against the execution of unverified code.

Microsoft also talked about Kernel Data Protection (KDP), an upcoming Windows 10 feature. Its purpose is to prevent the illegal manipulation of kernel memory and data.

Why hardware-backed security makes sense

There are several ways to handle different types of ransomware in Windows 10. However, you can boost your PC’s security with hardware-backed defenses because these are not just OS-focused.

Likewise, even with all the technical cybersecurity features at your disposal, you may be unable to match them with the right hardware profile.

Also, getting the BIOS and OS settings right for optimal protection can be tricky sometimes.

It will be interesting to see how secured-core devices stack up against persistent remote code execution (RCE) cybersecurity threats.


Don Sharpe

Tech Journalist

Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been published on Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, Forexminute.com, The Writers Network and a host of other companies.
