Tag: virtual-machine

Password-theft 0day imperils users of High Sierra and earlier macOS versions

(credit: Koichi Taniguchi ) There’s a vulnerability in High Sierra and earlier versions of macOS that allows rogue applications to steal plaintext passwords stored in the Mac keychain, a security researcher said Monday. That’s the same day the widely anticipated update was released. The Mac keychain is a digital vault of sorts that stores passwords and cryptographic keys. Apple engineers have designed it so that installed applications can’t access its contents without the user entering a master password. A weakness in the keychain, however, allows rogue apps to steal every plaintext password it stores with no password required. Patrick Wardle, a former National Security Agency hacker who now works for security firm Synack, posted a video demonstration here . The video shows a Mac virtual machine running High Sierra as it installs an app. Once the app is installed, the video shows an attacker on a remote server running the Netcat networking utility . When the attacker clicks “exfil keychain” button, the app surreptitiously exfiltrates all the passwords stored in the keychain and uploads them to the server. The theft requires no user interaction beyond the initial installation of the rogue app, and neither the app nor macOS provides any warning or seeks permission. Read 4 remaining paragraphs | Comments

Link:
Password-theft 0day imperils users of High Sierra and earlier macOS versions

Azure Confidential Computing will keep data secret, even from Microsoft

Enlarge / The Trusted Execution Environment means that, even if the application and operating system are compromised, the green code and data can’t be accessed. (credit: Microsoft ) Microsoft announced today a new feature coming to its Azure cloud platform named “Confidential Compute.” The feature will allow applications running on Azure to keep data encrypted not only when it’s at rest (in storage) or in transit (over a network) but when it’s being computed on in-memory. This ability to encrypt data when it’s in-use means that it can be kept secure even from Microsoft’s administrators, government warrants, and hackers. Confidential Computing will have two modes: one is built on virtual machines, while the other uses the SGX (“Software Guard Extensions”) feature found in Intel’s recently introduced Skylake-SP Xeon processors. Both modes will allow applications to ringfence certain parts of their code and data so that they operate in a “trusted execution environment” (TEE). Code and data that are inside a TEE cannot be inspected from outside the TEE. The virtual machine mode uses the Virtual Secure Mode (VSM) functionality of Hyper-V that was introduced in Windows 10 and Windows Server 2016. With VSM, most parts of an application will run in a regular virtual machine atop a regular operating system. The protected, TEE parts will run in a separate virtual machine containing only a basic stub operating system (enough that it can communicate with the regular VM) and only those parts of the application code that need to handle the sensitive data. Read 4 remaining paragraphs | Comments

Read the original:
Azure Confidential Computing will keep data secret, even from Microsoft

Ubuntu Linux is available in the Windows Store

Here’s a statement that would have been unimaginable in previous years : Ubuntu has arrived in the Windows Store. As promised back in May , you can now download a flavor of the popular Linux distribution to run inside Windows 10. It won’t compare to a conventional Ubuntu installation, as it’s sandboxed (it has limited interaction with Windows) and is focused on running command line utilities like bash or SSH. However, it also makes running a form of Linux relatively trivial. You don’t have to dual boot, install a virtual machine or otherwise jump through any hoops beyond a download and ticking a checkbox. Microsoft hasn’t said exactly when you can expect to see Fedora and SUSE Linux, the other two distributions coming to the Windows Store. Nonetheless, this is a big milestone that reflects Microsoft’s dramatic shift in attitude over the years. Where it used to be interested in protecting Windows sales at all costs, it’s now much more interested in pushing services . The addition of Linux is a logical extension of that strategy — developers and IT managers might be more likely to use Microsoft cloud offerings if they know that familiar Linux commands are a few clicks away. Via: The Verge Source: Windows Store

View article:
Ubuntu Linux is available in the Windows Store

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

See the original article here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

See more here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

View original post here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

Originally posted here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

More here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

Continue reading here:
Microsoft tests a secured Edge browser for business

Microsoft tests a secured Edge browser for business

If the idea of a more secure Windows browser appeals to you — and why wouldn’t it — then you might want to have a peek at the latest Windows 10 Insider Preview Build . That’s because it includes the Windows Defender Application Guard for Microsoft Edge, which was announced last September but is finally available for testing today. This Application Guard essentially encases your browser in a virtual machine, so that if your browser ever gets attacked by malware, it won’t affect the rest of your PC. To enable this, you need to use the “Turn Windows features on or off” dialog, and then mark the checkbox for “Windows Defender Application Guard.” Now when you open Microsoft Edge and click on the menu, you’ll see the option for a “New Application Guard window.” Click it, and a new special isolated browser window will appear. The whole thing is possible due to the Virtualization Based Security (VBS) made possible by Windows 10. The virtual PC created by Application Guard would keep the Edge browser separate from storage, other apps and the Windows 10 kernel. Other browsers offer “sandboxes” too, but Microsoft says that Application Guard is unique because there’s a hardware container that makes it impossible for malware and other exploits to seep through. There are a couple of caveats though. Running Edge in a virtual machine will likely slow it down, and since each browser’s session is siloed, all data and cookies are lost once you close it. It’s also only available for Enterprise users for now, presumably because their security needs are much higher than the average person. Still, perhaps it could be introduced as an optional feature later on for everyday users. Aside from Application Guard, the Windows 10 Insider Preview Build also includes an improved PDF Reader for Microsoft Edge and integrated Cortana settings.

Read More:
Microsoft tests a secured Edge browser for business