Thursday, August 2, 2018

Daily Blog #441: Changes in Windows 10

Hello Reader,
One of the problems we are having recently in Windows 10 forensics is that what would previously have been identified with a major service pack version or a new version of Windows is now being marked as a feature release. These releases are changing the behaviors we rely on in forensics, and we are going to have to start referring not just to Windows 10 but to the build of Windows 10. This isn't going to stop in the near future, as Microsoft says that they plan to just iterate Windows 10 for the foreseeable future.

If you look at some of Adam Harrison's recent blogs, you'll notice he has multiple major versions of Windows 10 running within different VMs. I think this kind of setup will be necessary going forward, and we are going to have to do more regression testing of artifacts both old and new to understand the new normal.

I'll be following this up with what the major releases are so we can start building a common vernacular in describing Windows 10. For now, just be aware that just because it's Windows 10 does not mean that any previous Windows 10 research still applies without testing.