What's anti-exploit technology in Windows 10’s baked-in browser?

Microsoft's latest Windows 10 preview, build 16188, includes a virtualization-based feature called Windows Defender Application Guard, that isolates the contents of a tab in Edge, the OS’s default browser, from the rest of the system.

While the anti-malware technology was announced in September, and had undergone limited testing, this is its first availability for all Insiders running Windows 10 Enterprise.

Just like sandboxing, the virtualization of a tab in Edge blocks viewed content and downloaded files from accessing the system.

In that way, malware in the virtualized “container” cannot access the user’s credentials, will not be able to access data or connect with other systems on the network.

And as the user closes the tab; on shutting down the browser, or logs out of the PC, any malware that managed to get into the container is thrown away as well.

For now, the Application Guard feature is available only in the U.S. English version of build 16188 for Windows 10 Enterprise, and requires a PC that supports Microsoft’s virtualization technology.
Next Post »