Expert Comment on Windows 10 Security

By   ISBuzz Team
Writer , Information Security Buzz | Jul 30, 2015 05:00 pm PST

Is Windows 10 secure ? Following yesterday’s official launch of Microsoft’s Windows 10, David Chismon, security researcher at MWR InfoSecurity commented below on the windows 10 security.

David Chismon, Security Researcher at MWR InfoSecurity :

“The introduction of Windows Hello, a biometric authentication framework, may see more use of biometric authentication and a move away from passwords. There has also been discussion of a number of other features such as hypervisor layer to manage authentication tokens, however, few details have been published. The new browser, Microsoft Edge, has a smaller attack surface than previous browsers due to a lack of ActiveX and plugins, however, whether the rendering or JavaScript engines are as vulnerable as previously remains to be seen.

“Microsoft may have difficulty convincing enterprises to adapt as enterprises are highly invested in Windows 7. The risk of updates breaking features will put off many organisations unless those fears can be suitably managed by Microsoft. Some of the key selling points of Windows 10 will not appeal to corporates.”

Looking at Microsoft’s decision not to release Windows 11, just free, frequent updates to Windows 10, similar to OSX, David says :

“This could be a good move as security features will be introduced to current versions, whilst traditionally such new features have been held back for service packs. However, large organisations may be wary lest a new feature breaks a business critical application.”[su_box title=”About MWR InfoSecurity” style=”noise” box_color=”#336588″]mwr_infosecrityEstablished in 2003, MWR InfoSecurity is a research-led information security consultancy, with a client list consisting of Dow Jones, NASDAQ, FTSE 100 companies and Government agencies & departments. MWR consults with clients around the world, providing specialist advice and services on all areas of security, from mobile through to supercomputers.

Central to its philosophy is the desire to deliver high quality cyber security consulting services and unsurpassed levels of support to clients. MWR’s focus is working with clients to develop and deliver a full security programme, tailored to meet the needs of each individual organisation.

MWR’s services range across professional and managed services, technical solutions and training covering areas such as security research, incident response, web defense, phishing, mobile and payment security.[/su_box]

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x