With the launch of its Windows 10 Creator Update (also known as Redstone 3), which is expected to be released sometime between September and October 2017, Microsoft is planning to release lots of security features in an effort to prevent a major global malware crisis.
Just a few days ago, we reported on Microsoft's plan to build its EMET or Enhanced Mitigation Experience Toolkit into the kernel of the upcoming Windows 10 to boost the security of your computer against complex threats such as zero-day vulnerabilities.
Also, the tech giant has planned to remove SMBv1 (Server Message Block version 1), a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak, from the upcoming Windows 10 (1709) Redstone 3 Update.
Now, Microsoft is turning to artificial intelligence (AI) to create the next generation of antivirus software.
Microsoft has revealed that its Windows Defender Advanced Threat Protection (ATP), a Windows 10 enterprise service that flags early signs of infection, will soon be augmented with AI-driven malware analysis.
"The stack will be powered by our cloud-based security intelligence, which moves us from a world of isolated defenses to a smart, interconnected, and coordinated defense grid that is more intelligent, simple to manage, and ever-evolving," Microsoft explains in a blog post.
In the Fall Creators Update for Windows 10, Microsoft will use a broad range of data from Redmond's cloud services, including Azure, Endpoint, and Office, to create an AI-driven antivirus that can pick up on malware behavior and protect other PCs running the operating system.
So, when a new file is discovered by Microsoft's anti-malware cloud service and determined to be malware, its signature will be created, and the AI system will then look for similar malware on other Windows PCs that have network connectivity.
This means the new AI-driven anti-malware system will eliminate the need for users and sysadmins to configure clients and servers to install antivirus signature updates locally, stopping attacks as they happen and before they have an impact.
Microsoft told CNET that its upcoming update would rely on machine learning from more than 400 million PCs running Windows 10 to prevent the next global malware crisis like the WannaCry and Petya ransomware attacks.
According to Rob Lefferts, Windows Enterprise and Security Director, 96 percent of cyber-attacks involve new and zero-day malware, for which the company takes hours to create signatures.
But the new AI system will significantly speed up that process by looking for instances of odd behavior within apps to detect an attack.
"If Word were to start allocating memory in big chunks when it never does, we would be able to detect that," Lefferts said. "We built the machine learning models around common applications like Word."
Besides this new upgrade, Windows Defender Advanced Threat Protection also includes some new features like browser-focused Application Guard and cloud-related Device Guard and Exploit Guard.