Monday, October 29, 2018


TECH



The Windows Defender antivirus in a sandbox!

For now, this is a test that is primarily for Windows Insider program (Windows 10). For Windows Defender Antivirus on Windows, Microsoft announces the possibility of running in a sandbox.This is not anything, knowing that by nature, an antivirus has deep access to the system and files. However, a sandbox is synonymous with a controlled environment where code execution is done by limiting interactions with the rest of the operating system.In practice, a user will notice a MsMpEngCP.exe content process running at the same time as the MsMpEng.exe antimalware service, or the Microsoft Malware Protection Engine.The latter, which runs with high access privileges, does not scan files. It is a job that is in charge of the content process running with weak access privileges and benefiting from all the security techniques to reduce an attack surface.
 We used a template where most protection data is hosted in memory-mapped files that are read-only at runtime. "In a blog post, the Windows Defender Engineering team explains the changes and adjustments needed (as not to affect performance) with this redesign around two interacting layers.Microsoft said that deployment will be gradual for Windows Insiders and with a feedback analysis to refine the implementation. However, the more adventurous have the opportunity of a manual activation from version 1703 of Windows 10 with the command (in administrator mode): setx / M MP_FORCE_USE_SANDBOX 1.The announcement was greeted by security researcher Tavis Ormandy of Google's Project Zero. He had highlighted vulnerabilities (which have been corrected) in MsMpEng - and thus the antimalware engine of Microsoft - with the opportunity to exploit his search for malicious code at his expense.This prolific hacker with a beautiful hunting chart had thus insisted on the existence of some of the most serious vulnerabilities in Windows, given the omnipresence of the MsMpEng service and its elevated privileges. This obviously teased Microsoft ...
J. G.
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

  CES 2025 Nanoleaf Innovates in the Beauty Market with LED Therapy Mask and Subscription Plan Nanoleaf, traditionally known for its smart l...

  • (no title)
    TECH In Memoriam: The Tech That Died in 2018 A bongo enthusiast once said, "time is a flat circle," which is a pretentious...
  • (no title)
      HONOR Model 60 Pro: Sparkling design and camera configuration confirmed by teaser image Honor is not due to unveil the Honor 60 series for...
  • (no title)
      OPPO New and unprecedented model Find X6 will debut with a huge photo sensor Oppo has a strong smartphone lineup lately, offering great fo...