Microsoft is a company that is committed to protecting its customers from vulnerabilities that affect its products, services, and devices. To solve most issues, the software giant tends to release a software update to get the job done, and over these years, they have been very helpful.
The company says it wants to be transparent with customers and security researchers in how problems are solved. This is likely due to past accusations that states Microsoft doesn’t care about privacy. Since then, the software giant has done everything in its power to be more transparent in where privacy is concerned, and that’s perfect.
Microsoft’s Security Servicing Criteria
What is the type of security criteria Microsoft uses?
OK, so here’s what we’ve managed to gather. When the company wants to evaluate whether or not it must work on and release a security update for one of its products, it must first consider two questions, and they are as follows:
Does the vulnerability violate the goal or intent of a security boundary or feature?
Does the severity of the vulnerability meet the bar for servicing?
According to Microsoft, if the answer is yes in regards to both questions, then the idea, then, is to fix the problem with a security update or guide where possible. Now, should the answer to either question be a solid no, then the plan would be to consider to fix the vulnerability in the next version of Windows 10.
What about security boundaries?
When it comes down to a security boundary, we understand that it provides a reasonable parting between the code and data of security domains with different levels of trust. Additionally, software from Microsoft requires several security boundaries designed to isolate infected devices on a network.
Let’s give a few examples of security boundaries and their security goals
Security boundaries and goals
- Network boundary: An unauthorized network endpoint cannot access or tamper with the code and data on a customer’s device.
- Kernel boundary: A non-administrative user mode process cannot access or tamper with kernel code and data. Administrator-to-kernel is not a security boundary.
- Process boundary: An unauthorized user mode process cannot access or tamper with the code and data of another process.
This is where things begin to get super interesting. You see, security features build upon security boundaries to deliver strong protection against certain threats. To put it simply, both security features and security boundaries work hand-in-hand.
Here, we’re going to list a few security features along with their security goals for you to get a better understanding of what’s going on.
- BitLocker: Data that is encrypted on disk cannot be obtained when the device is turned off.
- Secure Boot: Only authorized code can run in the pre-OS, including OS loaders, as defined by the UEFI firmware policy.
- Windows Defender System Guard (WDSG): Improperly signed binaries cannot execute or load by the Application Control policy for the system. Bypasses leveraging applications which are permitted by the policy are not in scope.
Defense-in-depth security features
For those who are wondering, defense-in-depth security features are the type of security features that protect against a major security threat without the use of any form of robust defense.
It means they are unable to mitigate a threat fully but could contain such a threat until the proper software is used to clean up the mess.
The best-known defense-in-depth security feature is User Account Control (UAC). It is designed to “prevent unwanted system-wide changes (files, registry, etc.) without administrator consent.”