As Windows 10 approaches its one year anniversary, it is interesting to take a look at how far the operating system has come. Microsoft has promised greater security in Windows. During the past 12 months I have been kept very busy researching and documenting Windows 10’s security, as well as its privacy issues. I have now completed a white paper on the subject: Microsoft Windows 10 Security and Privacy: An ESET White Paper.
Windows 10 represents a sea change for Microsoft: the realisation of its Windows as a Service (WaaS) strategy initiated by its predecessor, Windows 8. With WaaS, Microsoft is able to update its Windows operating system with additional features and functionality throughout its life, instead of only at service point releases or new versions.
In the past, new features and functionality have had to wait for one of these events. With Windows 10, these will now appear at various operating system “point” releases, which will occur two to three times a year, according to Microsoft.
Lest anyone think that Microsoft’s commitment to making changes to Windows in order to improve its security and privacy is mere sophistry, allow me to share my own experience over the course of writing this white paper. Of the 35 pages originally turned in, 18 had to be rewritten completely due to changes made by Microsoft after Windows 10’s release less than 12 months ago.
Despite this, I have endeavoured to provide a comprehensive analysis of Windows 10 from a security and privacy perspective, as you can see from this selection of top level section headings from the white paper. Bear in mind these are just the main sections:
- Windows Adoption by the Numbers
- Windows 8: The Security Story So Far
- What's Improved in Windows 10
- Windows Update
- Windows Branches
- Windows Defender
- Defending Windows Defender
- SmartScreen Filter
- What's New in Windows 10
- Conditional Access
- Control Flow Guard
- Device Guard
- Virtualization-Based Security
- Microsoft Edge
- Microsoft Passport
- Windows Hello
- Windows 10 Mobile
- Cortana Search Agent
- Government issues
- Microsoft on Privacy
I trust this white paper will help organisations that are currently evaluating the role of Windows 10 in their operating system and security strategies. To the best of my ability I have referenced all of the information that is provided in the paper, hot-linked through the more than 120 footnotes it took to do that.
Article by Aryeh Goretsky, distinguished researcher, ESET.