BSI: Updated analyses of security-critical Windows functions

The BSI reports that it has updated its security analyses from the SiSyPHuS project. These are now up to date with Windows 10 Version 1809.

Windows is still the focus of attackers and therefore requires special attention to secure configuration. The aim of the SiSyPHuS project is to develop hardening proposals for Windows 10 and to analyze its security-critical functions. The Federal Office for Information Security (BSI) has now presented updated analysis results for Windows 10 in organizations and companies.

The project abbreviation stands for "Study of system integrity, logging, hardening and security functions in Windows 10". The resulting recommendations for action from the SiSyPHuS project are primarily aimed at IT managers and technically experienced users who are not afraid to study the Windows innards.

The BSI writes on Twitter that it has updated the technical analyses of Windows 10 in the SiSyPHuS Win10 project. According to the BSI, disabling telemetry has also been re-examined, and many of the results can be transferred to Windows 11.

On the SiSyPHuS website, many articles in the chapter overview have now migrated from Windows 10 version 1607 to Windows 10 version 1809. This Windows version, which is now 3 1/2 years old, seems a bit outdated at first glance, but will still be supported in the LTSC version (Long-Term Servicing Channel) until 2029. The results of the analyses therefore remain usable for some time.

The BSI does not provide a document summarizing the changes. However, interested users will find a document with “Difference Analysis” in its name in each of the chapters on telemetry, TPM, Virtual Secure Mode, Device Guard and PowerShell.

Unfortunately, the BSI does not explain more specifically to what extent and which results can be applied directly to Windows 11. The brief note on Twitter at least does not help any administrator with specific configuration adjustments under Windows 11. Especially since the BSI explicitly points out on the project page that all “statements in the published documents” relate “to the examined version (see above) of Windows 10 during the respective examination period”. “Therefore, there is a fundamental possibility that the current versions of the operating system deviate from this”.

However, this does not detract from the usefulness of the analyses for Windows 10. Almost exactly a year ago, the BSI helped protect Windows with three sets of group policies that administrators could import and distribute to better harden client installations against attacks.
