Arab Portal for Technical News
Microsoft tries to keep PCs running the Windows operating system protected and secure through the members of the so-called Windows Red Team, a group of hackers inside Microsoft who spend their days finding vulnerabilities in the most famous operating system in the world. Many companies have what is called a red team, and those teams all serve the same purpose: to play the role of the attacker and look for weaknesses and gaps in new and old software alike.
Red team members hunt for the vulnerabilities that hackers look for, since a very large number of hackers focus their efforts on finding gaps in the Windows operating system, which still holds a market share of up to 90 percent across laptop and desktop computers all over the world. A badly exploitable vulnerability in this system could therefore threaten millions of computers used in various fields.
David Weston, principal security engineering director for Windows, urged Microsoft four years ago to rethink and try a different approach to how it handles the security and protection of Windows. Weston says: “The company had previously depended on reward programs to find the gaps, or on its relationship with the community, or on actual attacks, in order to learn the weaknesses of Windows, and then spent some time trying to fix them. It is clear that these methods are not ideal when the risks are too great.”
Weston wanted to change these traditional methods followed by Microsoft, drawing inspiration from his experience with hackers at events like Pwn2Own. Instead of waiting to obtain valuable data about vulnerabilities in Windows, Weston began forming a team whose core job is to carry out daily hacking against Windows. The team's current members include Jordan Rabet, Viktor Brange, Adam Zabrocki and Jasika Bawa. Jordan Rabet's name became known when he discovered a vulnerability in the Nintendo 3DS gaming platform in 2014.
Jordan Rabet currently focuses on browser security, and he also played a key role in Microsoft's response to the Spectre and Meltdown vulnerabilities, which shook the computer industry less than a year ago through their impact on the different types of modern processors used in hardware. Viktor Brange, who is based in Sweden, helped in the response to EternalBlue, the purpose-built Windows hacking tool leaked from the NSA, by checking the full set of source code used to build the system.
Adam Zabrocki's deep experience with Linux helped in addressing kernel and virtualization problems, while Jasika Bawa helps turn the group's findings into real product improvements. The red team spends most of its day attacking Windows, and each year it develops exploits for vulnerabilities to test the abilities of its counterparts, the defenders on the blue team.
Communication with this team is fast when emergencies such as Spectre or EternalBlue occur. Companies that can bear the cost, and that may be targeted, turn to creating a red team, and Microsoft has several other red teams that focus more on operational issues.
Aaron Lint, who works regularly with red teams in his position as chief scientist at security company Arxan, explained: “Windows still represents the central repository for malware. Because it is used in a lot of business activity around the world, the attacker's mentality moves toward exploiting this system by developing malicious code that is able to bring in financial returns, so Windows is considered the most important and most obvious target.”
The team has achieved some important victories that helped strengthen Microsoft's foundations significantly. In addition to helping mitigate the impact of the Spectre vulnerability and the EternalBlue tool, the team contributed to fending off a phishing attack that involved Win32k and was carried out by a famous Russian hacking group named Fancy Bear, which Microsoft calls Strontium.
Weston says: “In most browser attacks, you first need to penetrate the so-called protected mode in the browser, then you need a way to get out of this protected mode to do what you want, such as stealing information or gaining constant access to the device. It has been shown to us that Win32k is the perfect place to do that.” By attacking Win32k, the team was able to discover previously undisclosed techniques that could be used in an attack.
The team's priorities and goals are set based on different things, such as following what hackers are trying to exploit or testing features that are considered relatively sensitive, so the team needs to be selective. Adam Zabrocki says: “Vulnerabilities will always exist, and we can’t fix all the mistakes in the world. With products as large, complex and sophisticated as Windows, it is best to focus on broader solutions, such as discovering errors and oddities in the kernel, which helps in preventing a whole range of problems.”
The Windows red team is only one part of Microsoft's efforts to protect its operating system, which will always be a target for hackers. As for patches, those are a matter for the company's internal mechanisms. One of the team members said he regrets that Microsoft may sometimes need months to fix what both internal and external researchers consider serious issues.
How the Windows Red Team works to protect computers