How the Windows Red Team protects computers

Microsoft is trying to keep personal computers running its Windows operating system protected and safe through the so-called Windows Red Team, a group of hackers inside Microsoft who spend their days finding vulnerabilities in the most famous operating system in the world. Many companies have a so-called red team, and these teams serve the same purpose: to play the role of the attacker and find weaknesses and vulnerabilities in new and old versions.

Members of the Red Team try to find vulnerabilities before intruders do. A very large number of hackers focus their efforts on finding vulnerabilities in the Windows operating system, which still has a market share of up to 90 percent of laptop and desktop computers around the world, so the emergence of a maliciously exploited vulnerability in this system could threaten millions of computers used in various fields.

David Weston, the main director of security engineering for Windows, urged Microsoft four years ago to rethink how it dealt with the security and protection of Windows and to try a different approach. Weston says: “The company previously relied on reward programs to find gaps, or on community relationships or actual attacks, to learn about Windows weaknesses, and then spent time trying to fix them, and it is clear that these methods are not perfect when the risks are very large.”

Weston wanted to change these traditional methods at Microsoft, drawing on his experience with hackers at events such as Pwn2Own. Instead of waiting for valuable statistics on weaknesses in Windows, Weston began forming a team whose main job is to carry out daily hacking operations against Windows. The team currently includes members such as Jordan Rabet, Viktor Brang, Adam Zabrocki and Jasika Bawa. Jordan Rabet made a name for himself by discovering a vulnerability in the Nintendo 3DS gaming platform in 2014.

Jordan Rabet currently focuses on browser security. He also played a major role in Microsoft's response to the Spectre and Meltdown vulnerabilities, which rocked the computer industry less than a year ago by affecting the various types of modern processors used in devices. Viktor Brang, who lives in Sweden, helped respond to the leaked NSA hacking tool EternalBlue by examining the full set of source code used to create the system.

Adam Zabrocki's deep experience in Linux has helped address kernel and virtualization problems, while Jasika Bawa helps turn the team's findings into actual improvements to the product. The red team spends its days attacking Windows, and each year it develops and exploits vulnerabilities to test the abilities of its counterparts, the defenders on the blue team.

The team is called on quickly in emergencies such as Spectre or EternalBlue. Companies that can bear the cost and realize that they may be targeted create red teams of their own, and Microsoft has several other red teams that focus more on operational issues.

Aaron Lint, who works regularly with the red teams, said that he is the chief scientist at the Arxan Protection Company. The system by developing malicious software instructions capable of providing material returns for it, so that Windows is the most important and clear goal.

The team has achieved some important victories that greatly helped Microsoft. In addition to helping mitigate the effects of Spectre and EternalBlue, the team contributed to repelling a phishing attack by a famous Russian hacking group called Fancy Bear, which Microsoft calls Strontium, an attack that used Win32k.

"In most browser attacks, you first need to penetrate the so-called protection mode in the browser, then you need a way to get out of this protection mode to do what you want, such as stealing information or gaining persistent access to the device, and we have found that Win32k is the perfect place to do this." By attacking Win32k, the team managed to discover previously undisclosed techniques for taking advantage of the attack.

The team's targets are determined by different factors, such as tracking what hackers are trying to exploit or features that are being tested and are relatively sensitive, so the team needs to be selective. Adam Zabrocki says: “The gaps will always be present, and we cannot fix all the mistakes in the world, and with large, complex and sophisticated products such as Windows, it is better to focus on broader solutions such as detection of errors and anomalies in the kernel, which helps prevent a full set of problems.”

The Windows Red Team is only one part of Microsoft's efforts to protect its operating system, which will always remain a target for hackers. The team itself does not issue fixes; that is handled by internal mechanisms within the company. One of the team members says he regrets that Microsoft may sometimes need months to fix what internal and external security researchers consider to be serious issues.
