Shortly after Google’s Threat Analysis Group revealed a “critical” Windows vulnerability in a public blog post, Microsoft has come out with a statement that effectively says Windows 10 is the most secure operating system the company has ever built. But that’s not all.
Microsoft’s Executive VP, Windows and Devices Group, Terry Myerson, threw more light on the threat, saying that the Microsoft Threat Intelligence group points to an activity group that it calls STRONTIUM as being responsible for conducting a “low-volume spear-phishing campaign.”
Myerson reiterated what the Microsoft spokesperson said, and advised users to move to Windows 10. He also said that the company is currently testing patches for older versions of Windows, and that these patches would be released on Update Tuesday on November 8.
Adding that Google’s revealing of the security vulnerability was “disappointing”, he said that disclosing such vulnerabilities before the patches were made available essentially put “puts customers at increased risk.”
Windows 10 currently offers an add-on service called Windows Defender Advanced Threat Protection (ATP) for enterprise customers, a free anti-malware service that is able to detect attempted attacks like the one mounted by STRONTIUM. Myerson attributes that to the “generic behavior detection analytics and up-to-date threat intelligence” of Windows Defender ATP.
You can trial Windows Defender ATP here.
While Google’s revelation of the Windows bug cannot be called a deliberate attempt to put Microsoft’s customers at risk, Microsoft seems to look at it that way. In a way, Microsoft’s stand makes sense because different types of security vulnerabilities require varying timelines to create and deploy patches. There’s no one-size-fits-all for this sort of threat, and it isn’t Google’s place to decide how much time is “adequate” before the bug is made public.
And Microsoft has a valid point when it says the revelation puts their customers at greater risk because not all Windows users have switched to Windows 10 at this point. Although Microsoft wants strong adoption for the new operating system, we found that only about 20% of consumer and enterprise users have actually taken advantage of the free Windows 10 upgrade or purchased a copy after the free upgrade deadline on July 29, 2016.
But since we’ve been following the matter closely, we know that a free Windows 10 upgrade is still possible for users of licensed versions of Windows 7 and Windows 8.1. Here’s how to get your free Windows 10 upgrade:
For those using assistive technologies:
For those looking for a disc image (ISO file) for a clean install without a product key:
For now, it seems that users of older Windows versions are still wide open to the STRONTIUM threat, so get your free Windows 10 upgrade and protect yourself now so you don’t have to wait for Update Tuesday on November 8 for the security patch for your current Windows version.
Thanks for reading our work! Please bookmark 1redDrop.com to keep tabs on the hottest, most happening tech and business news from around the world. On Apple News, please favorite the 1redDrop channel to get us in your news feed.