What changes have been made to the Windows 10 security-related features?

Recently, Microsoft's new Windows system has attracted widespread attention in the industry. Its downloadable Windows 10 technology preview demonstrates the addition and improvement of the new system in terms of operational flexibility, navigation capabilities, and system interface.

Microsoft Windows and Information Security Core Application Development Manager Oliver · Nihus said on his blog that Microsoft is doing a lot of development on Windows 10's information security features. Recently, the changes in Windows 10's security features and the impact on third-party security software have been analyzed in detail.
Windows 10 technology preview version A major change in the kernel part is to refactor the code of the kernel Win32k system that has been more than 20 years old, and divide it into three. Win32k is the kernel part of the Windows window system. It manages the user interaction of the system's window display, screen output, message passing, keyboard and mouse touch input and output, as well as the graphics device interface and the interface package provided for DirectX. The experience and performance of the user interface that users experience in this Windows 10 technology preview version may be greatly inseparable from the reconstruction of the system.
Zheng Wenbin said that the refactoring of the Win32k system on the Windows 10 Technology Preview also brought new security challenges to Microsoft. The Win32k system was previously known as the most vulnerable component of the Microsoft kernel. A kernel patch fixes the records of 30 Win32k kernel vulnerabilities. Whether the Windows kernel security is improved or decreased after this refactoring, whether more vulnerabilities will be introduced will require further research and evaluation by global security experts.
This Windows 10 technology preview also brings some new operating system-level underlying security mechanisms, such as the implementation of the flow control protection (CFG) that was discovered in the Windows 8.1 leaked version and was closed in the official version. , may raise a certain threshold for user-state vulnerability attacks against Windows 10 Technology Preview.
Zheng Wenbin also pointed out that the refactoring of the kernel in the Windows 10 technology preview version also brings some technical difficulties for the security software to support the Windows 10 technology preview version, because most security software with complete active defense functions needs to be implemented for the Win32k system. Processing to achieve protection against UI attacks, this change has caused security vendors to modify some mechanisms to adapt to the rebuilt win32k system, some technical strength is insufficient, the kernel code considers poor security vendors even on the Windows 10 technology preview version Blue screen.