This content is part of the Essential Guide: Windows 10 security guide to fortify your defenses
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How does Windows 10 virtualization-based security work?

The Isolated User Mode in Windows 10 is a virtualization-based security technology that helps power Credential Guard and Device Guard.

Isolated User Mode, part of Microsoft's virtualization-based security technology, is brand new to Windows 10.

Windows 10 virtualization-based security has not received much attention so far, but it is one of the operating system's most significant security features.

The idea behind virtualization-based security is actually simple. If a process, or data, is virtualized, then it is isolated from the rest of the operating system, and therefore it is more difficult to tamper with. Isolated User Mode allows for a secure kernel and secure applications.

A number of different areas of the Windows operating system rely on virtualization-based security. Credential Guard, for example, uses a virtualized environment to store and prevent credential theft. In the past, hackers could steal credentials with a pass the hash attack, which virtualization-based security protects against.

Device Guard is another operating system security feature that uses virtualization-based security. In previous versions of Windows, if an attacker somehow gained administrative privileges to tamper with the app control policy for a device, she could allow malicious apps to run on the device.

With Device Guard, the app control policy can only be updated if a trusted signer signs it. That way, an attacker cannot modify the app control policy to let prohibited apps run on a device. This technique is far more secure than relying on AppLocker alone.

Next Steps

A deeper look at Device Guard credential

How Windows 10 ups the security game

Explore Windows Hello and Passport

Will Microsoft change its virtualization licensing with Windows 10?

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How well does virtualization-based security work?