With the new Canary build of Windows 11 Build 25905, Microsoft has introduced additional kernel components rewritten in the Rust programming language to improve memory security.
Microsoft announced that the new Windows 11 Build 25905 on the Canary channel introduces additional components of the Windows Kernel, rewritten in the Rust programming language, which provides improved memory security.
Rust is considered a safer alternative to C and C++ due to memory improvements that help prevent common problems such as null pointer accesses, buffer overflows, and dangling pointers that can lead to system crashes and security breaches.
Rust enforces strict rules for parallel programming, mitigating race conditions in which multiple threads access and modify shared data at the same time. Developers can write concurrent code that is thread-safe and race-safe.
This is critical for kernel processes because memory bugs can allow attackers to execute commands at the highest privilege levels in Windows. Therefore, ensuring security by changing the programming language is one of the priorities for Microsoft.
Amanda Langowski and Brandon LeBlanc of Microsoft said:
Rust offers the benefits of increased reliability and security over traditional programs written in C/C++. In this preview, we’ve implemented secure Rust language implementations of key kernel functions. In particular, win32kbase_rs.sys contains a new GDI realm implementation. Although this is a small trial run, we will continue to increase the proportion of Rust code in the core.
Windows GDI is a separate API layer between user-mode applications and Windows drivers that allows applications to request graphics features and pass them to the driver through the kernel.
The “GDI Regions” functionality, rewritten in Rust, contains functions that can be used to create rectangles, polygons, or ellipses (or combinations thereof).
New implementations of the Rust-based Windows kernel are just starting to roll out in Windows 11 Insider Preview Build 25905 on the Canary channel and are not yet available to all users of this channel.
David Weston, vice president of OS security at Microsoft, spoke about Redmond’s commitment to moving towards memory-safer languages at the BlueHat IL 2023 cybersecurity conference.
Mark Russinovich, CTO of Microsoft Azure, first revealed that Redmond began rewriting parts of the Windows 11 kernel in Rust back in May.
The new build of Canary also contains a long list of new features that have already been made available to users on the Dev Channel, including Dev Drive (Development Drive), backup and restore improvements (Backup), Dynamic Lighting, Windows App SDK version for File Explorer and Galleries, and much more.
With this preview, Microsoft is ending support for Arm32 UWP apps for Windows on Arm. This means that after an OS update, installed Arm32 applications will no longer run on users’ devices.
After installing the update, users will need to manually remove outdated apps and install the version from the Microsoft Store. This will install a compatible version that will work on updated devices registered on the Canary channel.
In June, Microsoft began rolling out a preview of its AI-based personal assistant, Windows Copilot, and a built-in passkey manager for Windows Hello to systems in the Dev channel.
