Microsoft Windows Red Team

THE ELITE MICROSOFT HACKER TEAM THAT KEEPS WINDOWS PCS SAFE

One of them jailbroke Nintendo handhelds in a former life. Another has more than one zero-day exploit to his name. A third signed on just prior to the devastating Shadow Brokers leak. These are a few of the members of the Windows red team, a group of hackers inside Microsoft who spend their days finding holes in the world’s most popular operating system. Without them, you’d be toast.

Many companies have a red team, or several, and they generally share the same purpose—to play the role of an attacker, probing releases new and old for vulnerabilities, hoping to catch bugs before the bad guys do. Few of them, though, focus on a target as ubiquitous as Windows, an operating system that still boasts nearly 90 percent market share for laptop and desktop computers worldwide. When Windows breaks, the whole world hears the shatter.

Putting It Together

The Windows red team didn’t exist four years ago. That’s around the time that David Weston, who currently leads the crew as principal security group manager for Windows, made his pitch for Microsoft to rethink how it handled the security of its marquee product.

“Most of our hardening of the Windows operating system in previous generations was: Wait for a big attack to happen, or wait for someone to tell us about a new technique, and then spend some time trying to fix that,” Weston says. “Obviously that’s not ideal when the stakes are very high.”

Weston wanted to go beyond Microsoft’s historical mode of using bug bounties and community relationships to formulate a defense. He was tired of the reactive crouch, of responding to known issues rather than discovering new ones. He wanted to play some offense.

Drawing inspiration from his experience with whitehat hackers at events like Pwn2Own—and tired of waiting until the competition ended to glean valuable insights into Windows vulnerabilities—Weston began putting together a team that would essentially conduct a Windows-focused hacking contest every day of the year.

You can only scan for problems you already know about. A red team finds the ones you don’t.

Today, members of that team include Jordan Rabet, whom Weston noticed after Rabet showed off an impressive Nintendo 3DS jailbreak in a 2014 YouTube video. Rabet currently focuses on browser security but also played a key role in Microsoft’s response to the Spectre vulnerability that rocked the computer industry less than a year ago.

Viktor Brange, who lives in Sweden, helped respond to the leaked NSA Windows exploit EternalBlue by sifting through Microsoft’s code base and ascertaining the severity of the various issues so they could be triaged. Adam Zabrocki’s deep Linux experience helps the team tackle kernel and virtualization issues. Jasika Bawa helps turn the team’s findings into actual product improvements. And two other members of the team WIRED spoke with for this story do sensitive enough work that they requested anonymity.

Together, the red teamers spend their days attacking Windows. Every year, they develop a zero-day exploit to test their defensive blue-team counterparts. And when emergencies like Spectre or EternalBlue happen, they’re among the first to get the call.

Code Red

Again, red teams aren’t novel; companies that can afford them—and that are aware they could be targeted—tend to use them. If anything, it may come as a surprise that Microsoft hadn’t sicced one on Windows until so recently. Microsoft as a company already had several other red teams in place by the time Weston built one for Windows, though those focused more on operational issues like unpatched machines.

“Windows is still the central repository of malware and exploits. Practically, there’s so much business done around the world on Windows. The attacker mentality is to get the biggest return on investment in what you develop in terms of code and exploits,” says Aaron Lint, who regularly works with red teams in his role as chief scientist at application protection provider Arxan. “Windows is the obvious target.”

Source: Wired

Microsoft Releases New Updates

Microsoft Releases New Windows Updates to Address the Spectre Variant 2 Flaw

Microsoft has released new Windows updates that carry Intel’s microcode updates to address the Spectre variant 2 CPU flaw.

Last week Microsoft published two packages on the Microsoft Update Catalog: KB4078407, a software update for Windows 10 and Windows Server 2016, and KB4091666, an update for Intel-based machines that carries the chip-maker’s microcode updates.

The two updates address Spectre variant 2 (CVE-2017-5715), the branch target injection vulnerability disclosed by Google researchers in January.

Of the three variants that make up Meltdown and Spectre, variant 2, which affects both Intel and AMD chips, has been the most problematic to mitigate.

Intel halted the rollout of its initial microcode updates after they were found to cause unexpected reboots. Last month it finished re-releasing the Spectre variant 2 microcode mitigation for the CPUs it has shipped over the past nine years.

Although hardware manufacturers were expected to deliver Intel’s microcode through their own firmware updates, in March Microsoft began distributing it itself, starting with the Windows 10 Fall Creators Update (version 1709) on devices with specific 6th Generation Intel Core and Core m processors: Skylake H/S (CPUID 506E3) and Skylake U/Y and U23e (CPUID 406E3).

Microsoft recommends users check with their device manufacturer before installing KB4078407.

The KB4091666 update brings Intel’s microcode to more families of Intel CPUs than the initial March update, KB4090007. The newer update covers Intel Core, Pentium, Celeron, and Xeon processors from the Skylake, Broadwell, and Haswell generations.

“We will offer additional microcode updates from Intel thru this KB Article for these operating systems as they become available to Microsoft,” Microsoft noted in a support document.

Microsoft has also released a new KB4090007 package for the Fall Creators Update with Intel’s microcode updates for additional Skylake, Broadwell, and Haswell CPUs.
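Whether a given machine actually falls under one of these packages depends on its CPUID signature (the 506E3 / 406E3 values quoted above) and on which KB is installed, and neither article shows how to check. The following PowerShell script is an added example, not code from Microsoft, Wired or ZDNet. It derives the CPUID signature from the family/model/stepping string Windows records in the registry, compares it against the two Skylake signatures named in the text, reports which of the three KB numbers above are installed, and finally asks Microsoft’s SpeculationControl module (published on the PowerShell Gallery) whether the branch target injection mitigation is in effect. The registry key path and the layout of the "Update Revision" value (microcode revision in the high 32 bits) are assumptions about Windows 10 / Server 2016 and should be verified on your own hardware.

```powershell
# Added example: CPUID signature, microcode KB and BTI mitigation check.
# Assumes Windows 10 / Windows Server 2016 and the "Identifier" /
# "Update Revision" values under the CentralProcessor\0 registry key.

# Rebuild the CPUID leaf-1 EAX signature from the registry's display
# family/model/stepping, e.g. "Intel64 Family 6 Model 78 Stepping 3" -> 0x406E3.
function Get-CpuidSignature {
    param([Parameter(Mandatory)][string]$Identifier)
    if ($Identifier -notmatch 'Family (\d+) Model (\d+) Stepping (\d+)') {
        throw "Unrecognised Identifier string: $Identifier"
    }
    $family   = [int]$Matches[1]
    $model    = [int]$Matches[2]
    $stepping = [int]$Matches[3]
    # The registry stores the *display* family and model, with the extended
    # fields already folded in. Unfold them back into the raw EAX layout:
    # ExtFamily[27:20] ExtModel[19:16] Family[11:8] Model[7:4] Stepping[3:0].
    $extFamily  = 0
    $baseFamily = $family
    if ($family -gt 0xF) { $extFamily = $family - 0xF; $baseFamily = 0xF }
    $extModel  = $model -shr 4
    $baseModel = $model -band 0xF
    return ($extFamily -shl 20) -bor ($extModel -shl 16) -bor
           ($baseFamily -shl 8) -bor ($baseModel -shl 4) -bor $stepping
}

$cpuKey = 'HKLM:\HARDWARE\DESCRIPTION\System\CentralProcessor\0'   # assumed path
$cpu = Get-ItemProperty -Path $cpuKey
$sig = '{0:X}' -f (Get-CpuidSignature -Identifier $cpu.Identifier)
"CPU: $($cpu.Identifier)  (CPUID signature 0x$sig)"

# The two Skylake signatures the March update targeted, taken from the article.
$marchSkylake = @{ '506E3' = 'Skylake H/S'; '406E3' = 'Skylake U/Y and U23e' }
if ($marchSkylake.ContainsKey($sig)) {
    "Covered by the initial March microcode update: $($marchSkylake[$sig])"
} else {
    'Not one of the initial March Skylake parts; consult the CPU tables for KB4091666 / KB4090007.'
}

# Currently loaded microcode revision. Assumption: an 8-byte REG_BINARY with
# the revision number in the upper 32 bits (little-endian), as on Windows 10.
$rev = $cpu.'Update Revision'
if ($rev -and $rev.Length -ge 8) {
    'Loaded microcode revision: 0x{0:X}' -f [BitConverter]::ToUInt32($rev, 4)
}

# Which of the packages named in the article are installed on this machine.
foreach ($kb in 'KB4078407', 'KB4091666', 'KB4090007') {
    $hf = Get-HotFix -Id $kb -ErrorAction SilentlyContinue
    if ($hf) { "$kb installed on $($hf.InstalledOn)" } else { "$kb not installed" }
}

# Microsoft's SpeculationControl module reports whether the OS is actually
# using the hardware support for the CVE-2017-5715 (BTI) mitigation.
if (-not (Get-Module -ListAvailable -Name SpeculationControl)) {
    Install-Module -Name SpeculationControl -Scope CurrentUser -Force
}
Import-Module SpeculationControl
$s = Get-SpeculationControlSettings
if ($s.BTIHardwarePresent -and $s.BTIWindowsSupportEnabled) {
    'Branch target injection mitigation: hardware present and enabled by Windows.'
} elseif ($s.BTIHardwarePresent) {
    'Microcode present but Windows has not enabled the mitigation (check KB4078407 and registry policy).'
} else {
    'No BTI hardware support loaded: microcode update missing or not applied at boot.'
}
```

Two caveats worth keeping in mind when reading the output. An OS-delivered microcode update is applied on every boot by Windows, so the reported revision only reflects that package while it stays installed; a firmware update from the device manufacturer loads the microcode earlier and independently of the OS, which is why the article says to check with the manufacturer first. And an installed KB does not by itself mean the mitigation is active: the SpeculationControl result is the authoritative answer, since it distinguishes "hardware support present" from "Windows has enabled it".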

Source: ZDNet