Windows 10 News and info | Forum
Author Topic: Researchers sandbox Windows Defender and here are the results  (Read 18 times)
javajolt
« on: August 11, 2017, 08:18:51 PM »

The software experts from Trail of Bits, a well-known security R&D company, sandboxed Windows Defender to see what could happen.

In case you didn't know, sandboxing is a tech term that refers to the act of running an app inside a dedicated container. These containers are extremely restricted, and they prevent attackers from exploiting OS and app vulnerabilities.

Windows Defender doesn't run in a sandboxed environment

Windows Defender has been an essential part of the Windows app portfolio for 13 years, but it doesn't run in a sandboxed environment by default. Modern apps such as Chrome or the Java virtual machine use app containers to protect their users against cyber attacks.

Severe bugs flooded Windows Defender

During the past months, Google engineers (part of the Project Zero security team) have proven the high vulnerability of Windows Defender by exposing multiple bugs. Hackers could exploit these security issues to take full control over vulnerable machines.

Microsoft engineers did sandbox a few Windows apps such as Device Guard to keep Windows systems safe. Compared to previous operating systems, Windows 10 is extremely well protected.

The AppJailLauncher sandboxing framework

The ToB team developed a framework coded in Rust that runs Windows apps inside their own sandboxes. They also open-sourced the framework on GitHub. You will find it there as AppJailLauncher.

The AppJailLauncher will allow you to wrap the I/O of an app behind a TCP server allowing the sandboxed app to run on an entirely different machine for stronger security.

The researchers have also open-sourced the sandboxed version of Windows Defender on GitHub through the project called Flying Sandbox Monster.

The experts from Trail of Bits have also pointed out the reason for which Microsoft didn't sandbox Windows Defender: it's all about the app's potential performance dip. However, the team proved that Windows Defender can be sandboxed without affecting performance-related metrics.

source