Integral Windows 10 Anti-Malware Intervention Critically Broken

Integral Windows 10 Anti-Malware Intervention Critically Broken

By on Nov 25, 2017 in CyberSecurity, News, Technology, Windows 10

This major security flaw affects all versions of Windows 8 and 10

Microsoft introduced a major addition to their anti-malware protection in Windows 7 over 10 years ago that helps protect installed programs from being discovered and ultimately accessed and exploited by malware on your computer.  This technology is called ASLR, which stands for Address Space Layout Randomization which works by storing data in different locations every time the application is run. The protection makes it difficult for rogue programs on your computer to predict where that data is stored and exploit it should there be a security flaw. While this technology works flawlessly at making it more difficult for malware to infect insecure programs on Windows 7 computers, it is broken on Windows 10.

 

ASLR - Discovery Computers

The setting in the Windows Defender Security Center is available to be used and configured in the Fall Creators Update that was rolled out starting in October 2017. Unfortunately, in Windows 10, Microsoft is storing the data from the programs as they load in the very same place.  If a rogue program is on your computer and detects a program running on your computer that has a security flaw that is started on your computer, it can easily access it and exploit it. The protection that is supposed to be circumventing this issue, is critically broken.  It requires a specific technical fix that should not be attempted by anyone without knowledge of working with the registry to prevent damage.

 

To help explain how this prevention works, think of it like hiding keys to your home from someone that has already broken into it that had found it before when you were on vacation. You carefully plan out 12 different hiding spaces around your home that look nothing like each other and let your dog sitter know that they need to put it in a different spot each day.  The person who knows that there is a key could still find it and get into your house if they looked, but it will take them some time and they have to look around. The problem is, the dog sitter keeps putting the key under the mat every day and that person easily gets in the door every day.

If you use Windows 10, you are vulnerable to this and we strongly suggest that you contact us at Discovery Computers at 250-382-0424 and ensure that your computers is patched for this security issue. We can also review  We can also review is you are vulnerable to the Intel Management Engine security flaws and recommend a Microsoft Privacy Policy review for $30 if you have not configured this on your computer yet to protect your privacy from Microsoft.