Microsoft asks Windows 10 testers to try new anti-exploit sandbox for Edge

Microsoft today asked enterprise customers to test a new anti-malware, anti-exploit technology in Windows 10’s baked-in browser.
Windows 10’s latest preview, tagged as build 16188 and released Thursday, includes Windows Defender Application Guard, a virtualization-based feature that isolates the contents of a tab in Edge, the OS’s default browser, from the rest of the system.
[ Further reading: Fighting ransomware: A fresh look at Windows Server approaches ]While Application Guard was announced in September, and went through limited testing in the months since, today marked its first appearance to all Insiders running Windows 10 Enterprise. Users must manually toggle on Application Guard from a setting dialog, then open a tab within Edge by selecting “New Application Guard Window” from the browser’s menu.
Application Guard is available only in the U.S. English version of build 16188 for Windows 10 Enterprise, and requires a PC that supports Hyper-V, Microsoft’s virtualization technology.
Like sandboxing—another anti-exploit approach browsers rely on—the virtualization of an Edge tab blocks viewed content and downloaded files from harming the system. Malware that gets into the virtualized “container” cannot access the user’s identity credentials, will find no data when it starts sniffing and cannot connect with other systems on the network. Think of it as a malware dead-end.
When the user is done browsing—closes the tab, shuts down the browser, logs out of the PC—the isolated tab is thrown away. Any malware that managed to get into the container is tossed, too.
安全培训“超融合”彰显大安全理念
[ To comment on this story, visit Computerworld’s Facebook page. ]Company administrators will be able to define “white lists” of sites—typically those that are, in Windows-speak, “trusted” by the network—which when opened, will appear in traditional tabs. If the user steers to a site that is not on the approved list, then Edge will open it in an Application Guard container.
Microsoft has pegged Application Guard to debut in Windows 10’s next feature upgrade, slated to ship in September. Yolando Pereira, a technical program manager on the Windows device security team, said the technology was to appear “in the upcoming release of Windows.” And during a presentation at the RSA security conference in January, Chas Jeffries, a principal program manager, also said Application Guard was set for the 1709 upgrade, currently codenamed “Redstone 3.”

Microsoft has said nothing about whether it will extend Application Guard to other editions of Windows 10—Windows 10 Pro, for example, includes the necessary Hyper-V—expand it to applications other than Edge, or allow rival browser makers to isolate tabs using the technology.
This story, “Microsoft asks Windows 10 testers to try new anti-exploit sandbox for Edge” was originally published by
Computerworld.
加强网络监管和保护网民隐私是一个硬币的两面,它们并不矛盾,也不对立,更不会冲突,要保证有授权的监管机构在有必要的正当理由下,方可访问用户的个人机密信息数据,而不是将这些隐私公开给所有人。
To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Related:
Windows
PCs
Security
Windows 10
Microsoft
Senior Reporter Gregg Keizer covers Microsoft, security issues, Apple, web browsers and general technology breaking news for Computerworld.
Follow
云计算也会带来安全方面的挑战,因此我们需要评估云服务提供商的能力,以便保护数据的保密性,可用性和完整性。在合同中,我们需要列明的要求,包括供应商将如何化解风险和处理数据。

猜您喜欢

39元物联网网关面市 恬家U棒开启淘宝众筹
网络安全微视频——密码安全意识
勿让网络安全人才培养走“中国足球”的老路
惊!一大帮美少年来袭,杨幂现场被套路
GOVTNAUKRIALERT ANTHEM-BLUE
互联网金融移动APP与虚假WIFI的信息安全教训