Microsoft's new Windows 11 update 'eradicates' a key hacker tactic

The Windows operating system will now be able to prevent a popular method of stealing credentials by default, according to Microsoft.

Microsoft needed to make sure the security feature didn't impact PC performance before turning it on.

Microsoft is hoping that adoption of its latest version of Windows 11 will wipe out a popular technique for stealing credentials, thanks to the company's move to turn on certain security features by default in the operating system.


The Windows 11 2022 update is generally available today. Among the on-by-default security features in the new version of Windows 11 is Credential Guard, which protects against the theft of login and password data stored in Windows.

The technique for stealing login and password information is known as "credential dumping," and it's widely used by attackers ranging from ransomware operators to nation-state hackers. Credential dumping entails copying credentials from several different areas within Windows, often with the help of a software tool such as Mimikatz.

Organizations will automatically be protected against this tactic by updating to the latest Windows 11 version, as Credential Guard will be turned on by default for the first time, according to David Weston, vice president for enterprise and OS security at Microsoft.

Ultimately, the new Windows 11 update "eradicates the most common techniques from a credential-dumping standpoint," Weston told Protocol.

Illegitimate use of credentials is the largest source of data breaches by far, according to Verizon, which found that credentials usage was responsible for 48% of breaches in 2021.

While Microsoft has offered Credential Guard as an optional feature since Windows 10, few organizations have used the feature because it wasn't on by default, Weston said.

For Microsoft to turn the feature on by default, the company had to ensure that the underlying technology used by Credential Guard, known as virtualization-based security, could run without delivering an outsized hit to PC performance, he said. Microsoft now feels confident that it's able to do that as part of the new version of Windows 11, according to Weston. (The ability to run virtualization-based security features by default was a main driver for the higher CPU requirements for Windows 11, Weston has said.)

Other security features will be on by default in the new Windows 11 version as well. Those include hypervisor-protected code integrity, which prevents the modification of Windows kernel code such as drivers (as occurred in the WannaCry attack), and another feature aimed at thwarting credential theft (credential isolation with Local Security Authority protection).
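One way to confirm on an updated PC that Credential Guard, hypervisor-protected code integrity and LSA protection are actually in effect, as an added example that is not part of the original article or Microsoft's own code. The function name `Get-CredentialTheftProtectionStatus` is hypothetical; the `Win32_DeviceGuard` class and the `RunAsPPL` registry value are the standard Windows interfaces for this state.

```powershell
# Added example: report whether the protections named in the article are active on this PC.
# Run in an elevated PowerShell session on the Windows endpoint being checked.

function Get-CredentialTheftProtectionStatus {
    [CmdletBinding()]
    param()

    # Win32_DeviceGuard exposes the state of virtualization-based security (VBS).
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction Stop

    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
    $vbsRunning = ($dg.VirtualizationBasedSecurityStatus -eq 2)

    # SecurityServicesRunning lists active VBS services: 1 = Credential Guard, 2 = HVCI.
    $running = @($dg.SecurityServicesRunning)

    # LSA protection is configured through the RunAsPPL registry value
    # (1 = enabled with UEFI lock, 2 = enabled without UEFI lock).
    # This reads the configured setting, not the live state of the LSASS process.
    $lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' `
                            -Name 'RunAsPPL' -ErrorAction SilentlyContinue
    $lsaConfigured = ($null -ne $lsa) -and ($lsa.RunAsPPL -in 1, 2)

    [pscustomobject]@{
        ComputerName            = $env:COMPUTERNAME
        VbsRunning              = $vbsRunning
        CredentialGuardRunning  = $vbsRunning -and ($running -contains 1)
        HvciRunning             = $vbsRunning -and ($running -contains 2)
        LsaProtectionConfigured = $lsaConfigured
    }
}

$status = Get-CredentialTheftProtectionStatus
$status | Format-List

# Flag any protection that is not active so the gap is visible in fleet reports.
$status.PSObject.Properties |
    Where-Object { $_.Value -is [bool] -and -not $_.Value } |
    ForEach-Object { Write-Warning "$($_.Name) is False on $($status.ComputerName)" }
```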

Meanwhile, Microsoft is also introducing features aimed at preventing malware (Smart App Control) and phishing (Microsoft Defender SmartScreen) in the latest Windows 11 update.

All in all, "I would say Windows 11 is substantially more secure than [Windows] 10 at this point, from a feature standpoint," Weston said. "I expect a lot of the momentum — particularly in commercial — for Windows 11 will be driven by security."

The successor to the Windows 10 operating system, Windows 11 was first introduced in October 2021. As of June, 23.1% of Windows PCs were running Windows 11, according to a report from AdDuplex.
