The Microsoft Red Team which attacks Windows like a hacker

Almost four years ago, the principal security group manager for Windows, David Weston, pitched an idea for Microsoft to try a different approach to how it handled security, Wired reported.

Previously, the company relied on bug bounties, community relationships, or attacks to see where it needed to build defences.

Weston said he was tired of only responding to known issues, rather than discovering new ones.

Inspired by his experience with whitehat hackers at events like Pwn2Own, he started a Red Team that would work as if there were a Windows hacking contest every day of the year.

The security fixes the team has been involved in include Microsoft’s response to the disclosure of Spectre and Meltdown, as well as to the leak of the NSA’s Windows hacking tool, EternalBlue.

The team also found and fixed previously undisclosed security holes in the Win32k kernel driver, an old and large attack surface.
