How virtualisation is changing Windows application security

Sandboxes, minimal processes, Hyper-V containers, Device Guard: virtualisation delivers a lot more than VMs in modern Windows.

How to create a Windows 10 system image and use it to restore your computer If you have a spare hard drive, you could have a ready-to-use system image to redo your computer if something goes wrong. Here's how to get set up and make use of a Windows 10 image.

Virtual machines (VMs) isolate an entire operating system, and if what you really want is to isolate a single application, or even a single process, that's a heavyweight way of doing it. Windows 10 uses the Microsoft hypervisor, Hyper-V, for multiple different levels of virtualisation — to do everything from protecting the way users log into Windows to letting Windows reclaim memory allocated to sandboxed applications. That means virtualisation can improve Windows security without the overheads and restrictions of carving the system up into traditional VMs.

This requires more integration between Hyper-V and the Windows kernel: in some cases, the kernel is doing things that the hypervisor would traditionally have done; in others the kernel doesn't do all the work it would usually do to manage a process.

SEE: Windows 10 security: A guide for business leaders (Tech Pro Research)

Putting the kernel in charge

Windows Defender Application Guard (WDAG) is an enhanced security mode for the Edge browser that runs a minimal Windows shell on a 'slimmed down' Hyper-V instance that only runs Edge.

windows-virtualisationtrwdag2.png
Image: Microsoft

Nothing running in the Application Guard window can cross the boundary into your Windows desktop, so you can use it to visit untrusted websites without fear of information being stolen or malware being downloaded. But the WDAG container securely shares DLLs, executables and other OS resources between guest and host, so the container only takes 18MB of disk space. It picks up language and accessibility settings from Windows, and the kernel can also suspend or deprioritise the container when it's not being actively used.

Windows Defender Application Guard was originally only available on SA licensed Enterprise editions of Windows 10. However it's now available to Pro users, too, although that's limited to starting it manually — enterprise-managed mode, where admins can choose which are trusted domains and documents can be downloaded to the host PC, still needs Windows 10 Enterprise. Either way, you'll need to turn it on in Windows Features.

SEE: Windows 10 power tips: Secret shortcuts to your favorite settings (Tech Pro Research)

That integration gets even more granular with the Windows Sandbox that will be in the upcoming 1903 release of Windows. This is an on-demand clean Windows 10 instance that's designed to help developers and testers try out new software without affecting their Windows installations.

Virtual machines run in partitions that have a virtual view of the CPU and get their own private virtual memory address region, with Hyper-V handling processor interrupts, scheduling threads on the virtual processors and remapping physical memory addresses to the virtual memory addresses. To make it a lightweight way of isolating an application to run on a separate Windows kernel, so it can't affect the main Windows system, the sandbox uses the same physical memory pages as the main Windows system rather than virtual memory addresses.

windows-virtualisationtrsandbox.png

Windows Sandbox uses the same physical memory pages as the main Windows system rather than virtual memory addresses.

Image: Microsoft

That direct mapping saves resources, but is done without sharing secrets between the host and the sandbox. Hyper-V doesn't schedule the virtual processor that the sandbox uses either: the Windows kernel has a new integrated scheduler that lets the Windows host OS manage sandbox like any other process and decide when it runs. Similarly, the Windows host allocates and schedules graphics resources for the virtualised application in the sandbox alongside other running applications: an 'enlightened' DirectX graphics driver runs in the virtual machine that understands it's virtualised and co-ordinates with the graphics driver running on the Windows host to make that work. Because hardware-accelerated rendering uses much less power (it's for things like speeding up web browsing and Photoshop, as well as for actual graphics), that improves battery life.

Giving the kernel more control over the application in the sandbox (which is presumably less important than applications that are installed normally) means it can't get in the way of higher-priority tasks in Windows and slow the system down. Meanwhile, code running in the sandbox remains completely isolated from the rest of Windows, so security people can use it to test out exploits and malware, while developers can use it to try out code they're developing.

Unlike a Hyper-V VM, the Windows Sandbox doesn't save any state between sessions: each time you run it you get a completely new instance of Windows — right down to the default apps. That gives you a known state to work from, but does also mean you'll need to reload any apps or test data each time you use it.

Stripped down VMs

Virtualisation-Based Security (VBS, previously known as Virtual Secure Mode and now also known as the Windows Defender System Guard container) takes this in the other direction, giving the Windows kernel less control in case it's been compromised.

windows-virtualisationtrwdsg.png
Image: Microsoft

VBS uses Hyper-V to create secure 'memory enclaves' — isolated regions of memory within the address space of a user mode process that are completely controlled by the hypervisor. They run at a higher virtual trust level than the rest of Windows (VTL1 rather than VTL0) because they use the hardware virtualisation features of 64-bit Intel and AMD CPUs and TPM 2 to create a secure space with attestation on a PC that's otherwise untrusted.

If a process in VTL0 tries to read memory in an enclave, Windows throws an invalid access exception. The kernel and kernel-mode drivers can't tamper with what's in the enclaves, so even if the kernel is compromised by malware there's a level of system defences it can't disable or override.

Any code loaded into the enclave is signed, so its integrity can be guaranteed. If you put the enclave into debug mode, that removes memory isolation so there's an attestation report that shows what mode the enclave is in. This allows for secure communications between two enclaves, or a remote check of device health. When Windows boots, Windows Defender System Guard uses the TPM to measure the integrity of the firmware, hardware configuration and Windows boot components. That's signed and stored securely, and can be checked by antimalware or device management tools, either on the same device or remotely for health checks as part of conditional access.

SEE: Photos: Classic Windows screensavers from Windows 1.0 to Windows 98

These enclaves are created as 'minimal processes' that Windows doesn't manage. A minimal process is an empty user-mode address space, and while the kernel will handle scheduling threads to run in it, it's not responsible for creating the threads that run there. This is different from the pico processes used for Windows Subsystem for Linux (WSL), although they were added to the kernel at the same time.

The way this works is that the Hyper-V hypervisor loads first when the PC boots, before Windows does — but that's just the hypervisor, not the Hyper-V networking services and management stack. Windows is still running as the host OS for normal virtualisation and those Hyper-V services are loaded if you need them to run VMs. But the hypervisor abstracts the Windows host OS from the hardware, which allows the hardware to be shared between Windows and the specific processes and memory that Hyper-V runs in these secure enclaves.

windows-virtualisationtrtrustlets.png

'Trustlets' are programs running as IUM (Isolated User Mode) processes in Virtual Secure Mode (a.k.a Virtualisation-Based Security or Windows Defender System Guard).

Image: Microsoft

Those are called 'trustlets' and for Windows they're things like Kernel Model Code Integrity (KMCI), Hypervisor Code Integrity (HVCI) and the Local Security Authority, LSA. The LSA Subsystem Service (LSASS.EXE) is what manages security policies and user accounts, verifying user logins to Windows, applying AD policies, creating access tokens and logging audit alerts. LSASS.EXE runs in Windows as usual, so legacy services that need to talk directly to the service still work. But it's really just a stub talking to the 'isolated' instance of LSA running in the secure enclave (LSAIso). That means the Windows logon process is protected, blocking whole categories of attacks.

Device Guard, now known as Windows Defender Application Control, uses the combination of HCVI and custom code integrity levels to limit what applications can run on a PC.

You'll need to use Group Policies or Intune to push lists of trusted applications to groups of users, locking down PCs to only the set of applications you want to run. You probably don't want to run Device Guard on all your PCs — just ones that handle critical applications and services, or that are intended to be used for specific tasks, like call centers and help desks. The same tool protects Windows kernel code, reducing the risk of malware affecting PCs.

One of the more common ways of attacking networks is privilege escalation, using stored credentials to raise an attacker's access privileges. Windows Defender Credential Guard aims to reduce those risks by isolating secrets and credentials so that they can only be accessed by known trusted system software.

Unlike WDAG, these features are only available on Enterprise and Education editions of Windows 10 — and on Windows Server. SQL Server's Always Encrypted mode also uses secure enclaves to safely decrypt encrypted data for things like indexing without exposing it.

Read more about Windows 10

By Simon Bisson

Born on the Channel Island of Jersey, Simon moved to the UK to attend the University of Bath where he studied electrical and electronic engineering. Since then a varied career has included being part of the team building the world's first solid state...