What exactly Microsoft is claiming?
Microsoft has recently published a new white paper named Ransomware Protection in Windows 10 Anniversary Update. In that publication, Microsoft has claimed that this version (1607) of Windows 10 is the most secure version ever.
Also, Microsoft has mentioned detailed protection strategies and techniques of the Windows 10, 1607 in that white paper, through which it will secure all its customers, clients, and businesses.
What is a Ransomware?
Ransomware is a type of malware threat which aims at the victim’s device to deny the access of the owner on its own device and it can only be revived if paid a ransom.
Though the motive is very easy to understand but the process by which they are targeting individuals is very complex.
Media has continuously reported about many businesses and PCs that are affected by Ransomware. Windows Defender has also registered a 400% increase from the month of December 2005 to the month of July 2016 in the number of ransomware encounters.
A common infection process is…
The most common way through which generally the malware attack its victim is by the malicious link.
The link can be attached to an email and sent to the victim, hoping if the victim opens the attachment and clicks on the link then the malware can be injected into the system.
Another way is injecting the malware through the browser. Usually, it happens when the victim clicks on a malicious download link and the link redirects the victim to a malicious website, where the malicious download get injected into the device.
What is Microsoft doing to prevent this process?
Microsoft has updated its security strategy and applying it to ransomware in three key steps:
- Prevention: it prevents the malware before it reaches the victim’s device.
- Detection: it detects and blocks the ransomware from executing.
- Response: it provides intelligence to security and IT professionals so they can identify and solve the problem of affected devices.
Microsoft has updated the above security strategies to the new version of Windows 10 and also added some more such as:
- The improvised protection system of Windows 10 against ransomware.
- The release of the updated version of Microsoft Edge Browser (Microsoft has also claimed that this is the most secure browser it has ever shipped).
- New advanced machine-learning systems in the email services so that the ransomware does not get easily circulated through emails.
- Improvised Windows Defender Cloud detection abilities and heuristics to minimize the time of detection to seconds.
- Also, integrated URL reputation intelligence is included into Windows Defender’s Cloud detection as faster detection will increase the ability to respond previously the infection may occur.
- To provide insights into potential attacks on the customer’s network Windows Defender Advanced Threat Protection has been released to help enterprise security operation teams to investigate and respond.
Via : thurrott.com