Microsoft announced that the latest Windows 11 build shipping to Insiders in the Canary channel comes with additional Windows Kernel components rewritten in the memory safety-focused Rust programming language.
Rust is seen as a safer alternative to C and C++ due to its memory safety improvements which help prevent common issues such as null pointer dereferences, buffer overflows, and dangling pointers that could lead to system crashes and security breaches.
It also enforces rigorous rules for concurrent programming, mitigating data race conditions where multiple threads concurrently access and modify shared data, thus allowing developers to write concurrent code that is secure and free from data races.
This is critical for Kernel processes as memory bugs could allow attackers to execute commands at the highest privilege levels in Windows. Therefore, securing them with a memory-safe programming language would be a priority for Microsoft.
“Rust offers advantages in reliability and security over traditional programs written in C/C++. This preview shipped with an early implementation of critical kernel features in safe Rust,” said Microsoft’s Amanda Langowski and Brandon LeBlanc on Wednesday.
“Specifically, win32kbase_rs.sys contains a new implementation of GDI region. While this is a small trial, we will continue to increase the usage of Rust in the kernel.”
Windows GDI is an API layer that sits between user-mode applications and Windows drivers, allowing applications to request graphic output functions and have them relayed to the driver through the kernel.
The GDI Regions feature, now rewritten in Rust, contains functions that can be used to create rectangles, polygons, or ellipses (or combinations of these shapes).
The new Rust-based Windows kernel implementations are just starting to roll out with the Windows 11 Insider Preview Build 25905 to the Canary Channel and are not yet accessible to all Insiders in the Canary Channel.
David Weston, Microsoft’s Vice President for OS Security, shared more during the company’s BlueHat IL 2023 cybersecurity conference regarding Redmond’s goal to switch to memory safety languages for kernel development.
Microsoft Azure CTO Mark Russinovich first revealed in May that Redmond started re-writing parts of the Windows 11 kernel in Rust.
Today’s Canary build also comes with a long list of new features that have already been rolled out to Insiders in the Dev channel, including Dev Drive, Backup and Restore improvements (Windows Backup), Dynamic Lighting, the Windows App SDK version of File Explorer and Gallery, and more.
This Insider release is also deprecating support for Arm32 UWP applications from Windows on Arm, which means that Arm32 applications will no longer launch on Arm devices after upgrading.
After upgrading to the new build, fixing Arm32 applications will require a manual process of uninstalling and reinstalling them from the Microsoft Store.
This will allow you to install a compatible version that will run on upgraded devices enrolled in the Canary channel.
Last month, Microsoft also began rolling out an early preview of its AI-powered Windows Copilot personal assistant and a built-in passkey manager for Windows Hello to systems enrolled in the Dev channel.
Source: www.bleepingcomputer.com