Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Microsoft Will Bring DNS Over HTTPS (DoH) to Windows

Microsoft this week revealed plans to adopt DNS over HTTPS (DoH) in Windows 10 in an attempt to keep user traffic as private as possible.

Microsoft this week revealed plans to adopt DNS over HTTPS (DoH) in Windows 10 in an attempt to keep user traffic as private as possible.

Already set to arrive in Chrome and Firefox, DoH support in Windows means encrypted DNS queries, which essentially closes plain-text domain name transmissions in common web traffic and should result in a more secure overall Internet ecosystem.

DNS encryption, Microsoft says, doesn’t require DNS centralization if adoption is broad among operating systems and Internet service providers alike.

While aiming at ensuring encrypted DNS support doesn’t break existing device admin configurations, Microsoft says that Windows DNS should be as private and functional as possible by default and that users and administrators should be able to easily access DNS settings for increased control over their privacy.

Furthermore, the company notes that Windows users and administrators should be able to improve DNS configuration fast and easy, without specialized knowledge, and that they need to explicitly allow fallback to unencrypted DNS once Windows has been configured.

“As a platform, Windows Core Networking seeks to enable users to use whatever protocols they need, so we’re open to having other options such as DNS over TLS (DoT) in the future. For now, we’re prioritizing DoH support as the most likely to provide immediate value to everyone,” Microsoft says.

DoH, the tech giant points out, allows it to reuse its existing HTTPS infrastructure, and the first step toward adopting the protocol is to use DoH for the DNS servers that Windows is already configured to use.

Several public DNS servers already support DoH and Windows could automatically upgrade to DoH when using them.

Advertisement. Scroll to continue reading.

One of the main benefits of this approach, Microsoft says, is that there will be no changes made to which DNS server Windows was configured to use by the user or network. This should not affect content filtering settings that users or admins have adopted to block specific websites.

It also brings privacy benefits to users and applications even if they do not know about DNS and without requiring action from them. It also means that DoH use will be enforced on server connections, which should surface disruptions ahead of broader rollout.

Next, the company will look for more privacy-friendly ways for users to discover Windows’ DNS settings and to make those settings DoH-aware, so that they could configure DoH servers explicitly.

“With encrypted DNS gaining more attention, we felt it was important to make our intentions clear as early as possible. We don’t want our customers wondering if their trusted platform will adopt modern privacy standards or not,” Microsoft says, adding that DoH has yet to become available to Windows Insiders.

Related: Google Makes DNS Over HTTPS Generally Available

Related: DNS-over-HTTPS Coming to Firefox

Related: DNS-over-HTTPS Coming to Chrome 78

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Checkmarx has appointed Scott Gainey as Chief Marketing Officer.

Jason Hogg has been named Executive Chairman of CYPFER.

HUB Cyber Security has appointed former PayPal and American Express executive Paul Parisi as its Global Chief Revenue Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.