Menu
Microsoft asks Windows 10 Enterprise customers to test new anti-exploit tech

Microsoft asks Windows 10 Enterprise customers to test new anti-exploit tech

Slates Windows Defender Application Guard for inclusion with September upgrade

IDG

IDG

Microsoft today asked enterprise customers to test a new anti-malware, anti-exploit technology in Windows 10's baked-in browser.

Windows 10's latest preview, tagged as build 16188 and released Thursday, includes Windows Defender Application Guard, a virtualization-based feature that isolates the contents of a tab in Edge, the OS's default browser, from the rest of the system.

While Application Guard was announced in September, and went through limited testing in the months since, today marked its first appearance to all Insiders running Windows 10 Enterprise. Users must manually toggle on Application Guard from a setting dialog, then open a tab within Edge by selecting "New Application Guard Window" from the browser's menu.

Application Guard is available only in the U.S. English version of build 16188 for Windows 10 Enterprise, and requires a PC that supports Hyper-V, Microsoft's virtualization technology.

Like sandboxing -- another anti-exploit approach browsers rely on -- the virtualization of an Edge tab blocks viewed content and downloaded files from harming the system. Malware that gets into the virtualized "container" cannot access the user's identity credentials, will find no data when it starts sniffing and cannot connect with other systems on the network. Think of it as a malware dead-end.

When the user is done browsing -- closes the tab, shuts down the browser, logs out of the PC -- the isolated tab is thrown away. Any malware that managed to get into the container is tossed, too.

Company administrators will be able to define "white lists" of sites -- typically those that are, in Windows-speak, "trusted" by the network -- which when opened, will appear in traditional tabs. If the user steers to a site that is not on the approved list, then Edge will open it in an Application Guard container.

Microsoft has pegged Application Guard to debut in Windows 10's next feature upgrade, slated to ship in September. Yolando Pereira, a technical program manager on the Windows device security team, said the technology was to appear "in the upcoming release of Windows." And during a presentation at the RSA security conference in January, Chas Jeffries, a principal program manager, also said Application Guard was set for the 1709 upgrade, currently codenamed "Redstone 3."

Microsoft has said nothing about whether it will extend Application Guard to other editions of Windows 10 -- Windows 10 Pro, for example, includes the necessary Hyper-V -- expand it to applications other than Edge, or allow rival browser makers to isolate tabs using the technology.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags Daily BriefingMicrosoft

Featured

Slideshows

Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments