Microsoft Technical Takeoff: Windows and Microsoft Intune
Oct 24 2022 07:00 AM - Oct 27 2022 12:00 PM (PDT)

Win 10S threat landscape

New Contributor

Considering the lockdown nature of Win 10S, are there any existing discussions about the threat landscape of a Win10S machine?  For instance, phishing is unchanged.  Edge/IE vulnerabilities?  How about browser extension vulnerabilities, would they have full function or are there inherent protections against them?  Would ransomware that encrypts files still work if they are run via powershell scripts?

 

Not asking directly for answers.  But are there papers or existing discussions?

2 Replies

Windows 10 S in addition to only running software from the Store does block certain inbox things like Powershell and have some enhancments to prevent certain dangerous files from the internet. I don't think we have any whitepapers etc. at this point, but more details will be coming on the security advantages in the next month or two.

 

What you're basically looking for is a white paper and at this time we don't have one satisfy the breath of your questions. I'll take this as feedback and hopefully we can prioritize one, or at least a detailed blog, in the future.

 

As you can tell Windows S was designed to be highly secure out of the box. In its design we systematically went through all of the attack vectors and then reduced the surface area of attack where they could be used. We use sandboxing for the browser and extensions, we run things with least priv, out of proc, etc. We made hard choices for security vs extensibility like not letting marcos run in docs, and to your question about powershell and ransomware we blocked that too.

 

As a security guy Windows S is a super exciting and we'll continue to make it even more secure.