Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How does Windows 10 virtualization-based security work?

The Isolated User Mode in Windows 10 is a virtualization-based security technology that helps power Credential Guard and Device Guard.

Isolated User Mode, part of Microsoft's virtualization-based security technology, is brand new to Windows 10.

Windows 10 virtualization-based security has not received much attention so far, but it is one of the operating system's most significant security features.

The idea behind virtualization-based security is actually simple. If a process, or data, is virtualized, then it is isolated from the rest of the operating system, and therefore it is more difficult to tamper with. Isolated User Mode allows for a secure kernel and secure applications.

A number of different areas of the Windows operating system rely on virtualization-based security. Credential Guard, for example, uses a virtualized environment to store and prevent credential theft. In the past, hackers could steal credentials with a pass the hash attack, which virtualization-based security protects against.

Device Guard is another operating system security feature that uses virtualization-based security. In previous versions of Windows, if an attacker somehow gained administrative privileges to tamper with the app control policy for a device, she could allow malicious apps to run on the device.

With Device Guard, the app control policy can only be updated if a trusted signer signs it. That way, an attacker cannot modify the app control policy to let prohibited apps run on a device. This technique is far more secure than relying on AppLocker alone.

Next Steps

A deeper look at Device Guard credential

How Windows 10 ups the security game

Explore Windows Hello and Passport

Will Microsoft change its virtualization licensing with Windows 10?

This was last published in February 2016

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Windows 10 security guide to fortify your defenses

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How well does virtualization-based security work?
Cancel

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close