Microsoft has introduced two new APIs to help driver developers write more secure software. Its goal is to reduce memory-related security flaws, which account for around 70% of the patches Microsoft has released in the last decade, in part because Windows 10 is written in C and C++. That is also why the company is trying to migrate some Windows components to Rust.
Between 5 and 10% of Windows 10 CVEs could stop happening
The flaw in question involves uninitialized memory, specifically uninitialized kernel resources, which account for around half of all memory problems reported by Microsoft between 2017 and mid-2018.
Microsoft’s solution is called “pool zeroing”, introduced through the Windows Kernel Pool API in Windows 10 May 2020 Update (2004). According to Microsoft, this mitigation will eliminate all such vulnerabilities in one fell swoop, accounting for between 5 and 10% of all CVEs in recent years.
The APIs, called ExAllocatePool2 and ExAllocatePool3, will allow driver developers to be more explicit about what their program is doing. There will be no doubt about whether a developer wanted a part of the memory to be left unused, since that behavior will be specified in the API call, and it will not be possible to take advantage of that empty space because it will no longer exist.
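The behavior described above can be reproduced in a user-mode model. This is an added example, not Microsoft's code: the allocator functions, the flag name MODEL_FLAG_UNINITIALIZED and the reply structure are hypothetical stand-ins, not the real ExAllocatePool2 signature or flags.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MODEL_FLAG_UNINITIALIZED 0x1u /* hypothetical opt-out flag (assumption) */
#define BLOCK_SIZE 64

/* One reusable block standing in for the pool; freeing never clears it. */
static unsigned char *block(void) {
    static unsigned char *b;
    if (!b) b = malloc(BLOCK_SIZE);
    return b;
}
/* Legacy-style allocation: hands back whatever the last owner left behind. */
static void *model_alloc_legacy(size_t n) {
    return n <= BLOCK_SIZE ? block() : NULL;
}
/* Zero-by-default allocation: skipping the wipe needs an explicit flag. */
static void *model_alloc_zeroing(unsigned flags, size_t n) {
    unsigned char *p = n <= BLOCK_SIZE ? block() : NULL;
    if (p && !(flags & MODEL_FLAG_UNINITIALIZED)) memset(p, 0, n);
    return p;
}

/* Reply a driver would copy out to its caller. */
struct reply { int status; unsigned char detail[16]; };

/* Buggy driver path: sets `status`, forgets `detail`. Returns the number of
   stale non-zero bytes that would be disclosed, or -1 on allocation failure. */
int stale_bytes_in_reply(int use_zeroing_api, unsigned flags) {
    unsigned char *old = block();
    if (!old) return -1;
    /* Constructed sample: a previous owner's data, left in the freed block. */
    memset(old, 0, BLOCK_SIZE);
    memcpy(old + offsetof(struct reply, detail), "constructed-key", 15);
    struct reply *r = use_zeroing_api ? model_alloc_zeroing(flags, sizeof *r)
                                      : model_alloc_legacy(sizeof *r);
    if (!r) return -1;
    r->status = 0;
    int n = 0;
    for (size_t i = 0; i < sizeof r->detail; i++) n += r->detail[i] != 0;
    return n;
}

int main(void) {
    printf("legacy=%d zeroing=%d opt-out=%d\n", stale_bytes_in_reply(0, 0),
           stale_bytes_in_reply(1, 0), stale_bytes_in_reply(1, MODEL_FLAG_UNINITIALIZED));
    return 0;
}
```

The same forgotten field discloses the previous owner's bytes with the legacy-style call and nothing with the zero-by-default call, unless the caller explicitly opts out of zeroing.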
To use the new APIs, Microsoft has had to make some changes to its code. For example, it has had to improve the Windows memory management system, in addition to making changes in future releases of the Hyper-V and network components. The goal is to convert all the kernel code to the new API, and the company is also exploring how to do so while avoiding problems with third-party drivers.
Microsoft has discovered more flaws this year than ever
Although Microsoft claims that attacks against unused memory will still be possible, the likelihood that they will reappear is much lower. Hopefully this helps reduce the vulnerabilities and flaws discovered in Windows 10; last June the company released the patch that fixed the most security flaws in the history of the operating system, with a total of 129. So far in 2019, 616 patches have been released, so we are on track for 2020 to be a new record year.