Windows 10: security news with the May update


On May 27 the Windows 10 May Update release, also called Windows 10 20H1 or 2004, that is the first half-yearly update of Microsoft’s operating system for 2020. Some users have already received, downloaded and installed it, others will do so in the coming weeks.

The innovations are several and many of them have to do with the security of the operating system itself and user data. As often happens with security issues, these are not very easy to understand (and even notice) innovations for the common user: on the one hand the enhancement of the Sandbox, on the other that of “System Guard Secure Lauch“, The management of security keys and the expansion of compatibility with Microsoft Secured-Core PC technology. The latter will actually affect one tiny part of Windows 10 users but it must be included in a long-term path that is extremely important for ensuring computer security in view of the Internet of Things (IoT) boom. Here’s what changes for Windows 10 PC security, even if users don’t see it.

Windows 10 May Update: security first

Let’s start with the Sandbox, which is not an absolute novelty: it was introduced with the 1903 update, the first half-yearly update of last year. The Sandbox is a virtual machine to safely run one reduced version and Windows 10 and test unknown and potentially dangerous apps. With the May 2020 update, this component of Windows 10 has been improved and enhanced, with the introduction of new configuration files that give the possibility to use shared folders inside it, GPU virtualization and much more. System Guard Secure Launchon the other hand, it is a useful feature to check the integrity of the firmware of the PC devices, thus ensuring that they have not been infected by a virus. With the May Update, the control becomes more thorough and rigorous. With Windows 10 2004then comes the support of FIDO2 security hardware keys “hybrid“, Based on Azure Active Directory (Azure AD).

Windows 10 May Update: the path of Secured-core PC continues

Windows 10 20H1 brings compatibility of Secured-core technology also on AMD’s Ryzen Pro 4000 processors. This technology is essentially an evolution of the previously described System Guard Secure Launch: the integrity of the firmware is checked, using a cryptographic key, but only after checking the key inserted directly into the CPU (factory). The two technologies, therefore, work in tandem: using the new hardware features of the processors of AMD, Intel and Qualcomm, Windows 10 implements System Guard Secure Launch as a requirement to protect the boot process from firmware attacks.

System Guard, after making sure that the CPU is not infected thanks to Secured-core, allows the system to access the firmware of the various devices to start the hardware, immediately after, the operating system. In an Internet of Things perspective, where more and more devices with firmware are connected to the network, all this adds a large layer of security.

Source link


Please enter your comment!
Please enter your name here