Windows 10 is redefining the way we think about security. Window 10 offers improved identity and access control, cloud security integration, and containerization to enhance safety without hammering the end-user experience.
We will see Windows 10 1803 (Spring Creators update) Security Enhancements in this post. Get Smart on Windows 10 Application Security is another topic that I will cover in this post.
Windows 10 is becoming more secure with Windows Defender with the latest announcement from Microsoft.
Microsoft released the Windows Defender Browser Protection extension for Google Chrome allows you to add a layer of protection when browsing online.
This is powered by the same trusted intelligence found in Microsoft Edge
Content of the Post
What is Windows 10 Security Architecture?
Windows Security Settings Page
File System Access to Applications
New Ransomware Settings Page
Microsoft Edge Security Enhancements
Device Security Settings Page
Windows 10 Application Security
What is Windows 10 Security Architecture?
Windows 10 security architecture is made based on 3(three) principles. Those three(3) security principles are protection, detection, and response.
Windows 10 pre-breach mitigation is aimed at device protection and threat resistance. Following are the main pillars of Windows 10 security architecture.
Device Protection
Thread Resistance
Identify Protection
Information Protection
Breach Detection Investigation & Response
My Picks of Windows 10 1803 Security Enhancements
As per my analysis of Windows 10, the Spring Creators update has many security improvements. Following are some of my favorite security enhancements in the Windows 10 1803 Spring Creators update.
I have some other posts on Windows 10 security topics, and I recommend reading those to get more details about the Windows 10 security roadmap and architecture.
- Learn Key Security Features of Windows 10 Enterprise Environment
- What is Endpoint Security Configuration Management for Windows 10 Devices
- Windows 10 Security Compliance Manager Installation Video
- Learn How to Secure Windows 10 Devices in a Modern, Sophisticated Way
Windows Security Settings Page
This is one of my favorite cosmetic changes, and I will keep this as my first Windows 10 1803 Security Enhancements. When you go to Windows 10 1803 Settings, you won’t be able to see Windows Defender.
You could see something new called Windows Security – The Windows Defender page is being renamed Windows Security.
Windows defender security center is your home to view and manage the security and health of your device. It provides access to the different areas of security guarded by Windows Defender.
File System Access to Applications
New Windows 10 1803 Privacy Settings – Allow Apps to access your file system. If you allow access to apps, you can choose which apps can access your file system.
This is the fundamental strategic approach for future revolutions of Windows Security Enhancements, and that is why this is on my list of Windows 10 1803 Security Enhancements.
Windows 10 1803 grants permission to certain apps to have global file system access automatically. In the future, each Windows 10 app will also ask for the end-user or admin permissions, similar to iPhone or iOS devices.
New Ransomware Settings Page
Windows 10 1803 Windows Defender Security Center moved its “Controlled folder access” settings to a new page called Ransomware protection. This page helps protect your files against threats like ransomware and see how to restore files in case of an attack.
Also, give an option to enable controlled folder access. This enables us to protect files, folders, and memory areas on your Windows 10 device from unauthorized changes by unfriendly applications.
Microsoft Edge Security Enhancements
The default antivirus on Windows 10 is now getting Windows Defender Application Guard is part of Windows 10 1803 default antivirus. Application guard is a security feature that isolates pages you view on Microsoft Edge.
This also isolates the pages from each other and Windows to provide an extra layer of security against zero-day attacks and malware.
I always try to use Microsoft Edge if I’m browsing through unknown websites. Edge gives me more confidence about the protection of my browsing data. Hence this is one of the best Windows 10 1803 Security Enhancements.
Device Security Settings Page
Windows defender security center – Device Security settings have a new option in Windows 10 1803. Core isolation virtualization (Hyper-V supported hardware) based security is running to protect the core parts of your devices.
Get Smart on Windows 10 Application Security
Savvy IT pros know that their Windows 10 enterprise is only as secure as the shadiest app allowed to run. Locking down Windows 10 applications is as crucial as guarding the OS itself.
Register for Windows 10 Application Security
Friday, April 27
9am PDT / 12pm EDT / 6pm CEST
Sami Laiho, leading Windows OS & security expert and Microsoft MVP, helps you master application security in this webinar. Windows 10 Enterprise brings a wealth of built-in features and tools to protect your applications.
High-Level Agenda of the webinar • Best practices for application security in a Windows 10 enterprise • How to reduce attack surfaces with Windows Defender Exploit Guard • How to eliminate the need for third-party antivirus/antimalware with Windows Defender • Why whitelisting is no longer optional, and how to nail it • Is SmartScreen good enough to protect your company? • How to leverage Application Guard, Application Control, and Edge browser virtualization • The basics of Office 365 Encryption • Techniques for saving time securing tens of thousands of endpoints
Hi – Thanks for sharing this document. Have you deployed Win 10 1803 using SP.
I would like to deploy in place upgrade of Win 10 1709 to Win 10 1803 Creators Update using Windows 10 Servicing plan. I don’t see Windows 10 Feature update 1803 yet under Windows 10 Servicing. I have performed All software updates within CB1802. Appreciate your input.
Ram
Hey Ram – It’s (1803) NOT released yet via WSUS if I’m not wrong.
Okay, those upgrades work really well, however, I find it really inconvenient to perform on older computers. And I’m not talking about super old schools: i3/i5 with WIN10 still can get up to several hours to update – is it normal?
Considering the major implications of the vulnerabilities present with Windows Credential Guard for Windows 10, this is just another reason why users would do well to stick with Windows 7 or those whom have Win10, to revert back to the Win 7 platform, since it is by it’s very nature, much more controllable in terms of overall system security.
In Win 10, as is now confirmed, there are far greater attack vectors present and even greater exploitation possible as opposed to a properly hardened Windows 7 system.
It’s time for Windows users to face the music with regard to these security vulnerabilities of critical concern. Stay with Windows 7 for now. If you have Windows 10, the smart thing to do is down-grade to Windows 7 instead.
These recently discovered gaping holes in system security with Windows 10, are just a few of the many security risks you will encounter if you choose to swallow Microsoft’s Horse-Sh** by upgrading to or keeping Windows 10.
Microsoft is no different than any other money-hungry, fascist, corporate thug of an entity out there, hell bent upon taking advantage of us any way they can and they’re using Windows 10 to accomplish this monumental task.
At least with Windows 7, you still have a fighting chance to not only lock down system security very tightly, but also to keep all of the corporate meddling via telemetry and other various methods, at bay, so long as you know what you are doing.
Don’t listen to Microsoft’s trolls and their corporate goons. With regard to Win10, they, like all the other fascist corporate creeps (including Google) only care about one thing———Exploitation for profit!
So stay with Windows 7 until 2020? And what would be your suggestion after 2020 … Move to MacOS or Chrome book 😀
Stay with Windows 7. There’s no need to go to Windows 10 and I’ve never been much of a Mac-Fan-Boy either. It’s all just hype to force us to accept their manipulative & exploitative agenda.
By the time Win7 even comes remotely close to suffering the same fate as XP, we might just see far better alternatives to the current OS contenders anyway——-and may even be able to sever our reliance upon the evil empire all together. But that’s still a far way off. Until then, your advice is sound.
As far as I’m concerned, I’m taking my Win7 to the grave. Microsoft would have to pry it from my cold dead hands, if they ever really wanted to try to rip it away from me.
I like my PC and my control over my PC——-period!
https://www.youtube.com/watch?v=SesvS0XokrA
Hi – Has anybody tried Servicing Plan to deploy Win 10 v1803? I have created everything by the book and the install is going on for few hours. I am trying to upgrade v1709 to v1803 using CB1802. Which logs do, I need to check on the client machine to find out what is going on? It has been 2 hours passed and the install circle is spinning and spinning.
Last upgrade from v1703 to v1709 went smoothly without any issue and I was able to complete the process in 120 minutes.
Thanks
Ram
Hi – Just finished v1803 Servicing Plan update. The update took around 3 hours within home lab. Will have to spend some time to test out new features in v1803. The update was from v1709 to v1803.
Ram