Techly NewsGet the app

Get the latest tech news

Microsoft didn't sandbox Windows Defender, so I did (2017)


Microsoft exposed their users to a lot of risks when they released Windows Defender without a sandbox. This surprised me. Sandboxing is one of the most effective security-hardening techniques. Why …

Windows Defender’s unencumbered access to its host machine and wide-scale acceptance of hazardous file formats make it an ideal target for malicious hackers. During the past 13 years Microsoft has developed a great security engineering organization, advanced fuzzing and program testing, and sandboxed critical parts of Internet Explorer. Rather than taking Project Zero’s approach to the problem by continually pointing out the symptoms of this inherent flaw, let’s bring Windows Defender back to the future.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Microsoft

Microsoft

Photo of Windows Defender

Windows Defender

Related news:

News photo

Microsoft: Word deletes some documents instead of saving them

News photo

Microsoft’s 343 Industries rebrands as Halo Studios, adopts Unreal Engine

News photo

Microsoft Lisp

« Apple Adds 9 New Features to iCloud Website
How private intelligence companies became the new spymasters »