In a move that bodes well for the future of Windows 10 endpoint security, Microsoft and Bromium this week signaled that the next major version of Windows will include support for micro-virtualization.
The news was announced at the Microsoft Worldwide Partner 2015 conference. Bromium CTO Simon Crosby says the fact that Bromium and Microsoft pledged to work closely on integrating support for micro virtual machines in Windows 10 means it will be simpler to isolate endpoints from malware.
Specifically, the Bromium micro virtual machine is a hypervisor based on Xen that invokes features built into Intel, AMD and other CPUs to create hardware-isolated micro-VMs for each task a user performs on information originating from unknown sources. Crosby couldn’t say exactly when Microsoft would be able to take advantage of micro VMs using its own hypervisors, but by pledging support, Crosby says Microsoft is clearly signaling that it intends to take endpoint security up a few notches from where it is currently in Windows 10.
Crosby, however, doesn’t envision micro VMs being widely adopted. Instead, it will be mostly enterprise IT organizations that need to ensure higher levels of security that will deploy micro VMs as a way to make sure that malware never gets a chance to infect the underlying operating system or any other firmware on the system, for that matter. That means, instead of relying on antivirus software that has proven to be ineffective, Crosby says that micro VMs eliminate the need to worry which code is being executed on the endpoint altogether.
At present, Crosby says Bromium has 135 enterprise IT customers. But with the arrival of Windows 10 in the enterprise, Bromium is betting that number is going to rise considerably in the months ahead.