Windows 10 1803 Security Enhancements

8
Windows 10 1803 Security Enhancements

Windows 10 is redefining the way we think about security. Window 10 offers improved identity and access control, cloud security integration, and containerization to improve the security without hammering the end user experience. In this post, we will see Windows 10 1803 (Spring Creators update) Security Enhancements. Get Smart on Windows 10 Application Security is another topic which I’m going to cover in this post.

Windows 10 is becoming more secured with Windows Defender with the latest announcement from Microsoft. Microsoft released Windows Defender Browser Protection extension for Google Chrome allows you to add an additional layer of protection when browsing online. This is Powered by the same trusted intelligence found in Microsoft Edge. More details here.

Content of the Post

What is Windows 10 Security Architecture?
Windows Security Settings Page
File System Access to Applications
New Ransomware Settings Page
Microsoft Edge Security Enhancements
Device Security Settings Page
Windows 10 Application Security

What is Windows 10 Security Architecture?

Windows 10 security architecture is made based on 3(three) principles. Those three(3) security principles are protect, detect, and respond.  Windows 10 pre-breach mitigation is aimed at device protection and threat resistance. Following are the main pillars of Window 10 security architecture.

Device Protection
Thread Resistance
Identify Protection
Information Protection
Breach Detection Investigation & Response

My Picks of Windows 10 1803 Security Enhancements

As per my analysis Windows 10 Spring Creators update has many security improvements. Following are some of my favourite security enhancement in Windows 10 1803 Spring Creators update. I have some other posts on Windows 10 security topics, and I recommend to read those to get more details about the Windows 10 security road-map and architecture.

Windows Security Settings Page

This is one of my favourite cosmetic change, and I will keep this as my first Windows 10 1803 Security Enhancements. When you go to Windows 10 1803 Settings, you won’t be able to see Windows Defender. You could see something new called Windows Security – The Windows Defender page is being renamed to Windows Security.

Windows defender security center is your home to view and manage the security and health of your device. It provides access to the different areas of security guarded by Windows Defender.

File System Access to Applications

New Windows 10 1803 Privacy Settings – Allow Apps to access your file system. If you allow access to apps then, you can choose which apps can access your file system. This is the real strategic approach for future revolutions of Windows Security Enhancements, and that is why this is on my list of Windows 10 1803 Security Enhancements.

Windows 10 1803 granting permission to certain apps to have global file system access automatically. In future, each Windows 10 apps will also ask for the end user or admin permissions similar to iPhone or iOS devices.

Windows 10 1803 Security Enhancements

New Ransomware Settings Page

Windows 10 1803 Windows Defender Security Center moved it’s “Controlled folder access” settings to a new page called Ransomware protection. This page helps to protect your files against threats like ransomware, and see how to restore files in case of an attack. Also, give an option to enable controlled folder access. This enables us to protect files, folders, and memory areas on your Windows 10 device from unauthorized changes by unfriendly applications.

Microsoft Edge Security Enhancements

The default antivirus on Windows 10 is now getting Windows Defender Application Guard is part of Windows 10 1803 default antivirus. Application guard is a security feature that isolates pages those you are viewing on Microsoft Edge. This also isolates the pages from each other and from Windows to provide an extra layer of security against zero-day attacks and malware.

I always try to use Microsoft Edge if I’m browsing through unknown websites. Edge gives me more confidence about the protection of my browsing data. Hence this is one of the best Windows 10 1803 Security Enhancements.

Device Security Settings Page

Windows defender security center – Device Security settings have a new option in Windows 10 1803. Core isolation virtualization (Hyper-V supported hardware) based security is running to protect the core parts of your devices.

Get Smart on Windows 10 Application Security

Savvy IT pros know that their Windows 10 enterprise is only as secure as the shadiest app allowed to run. Locking down Windows 10 applications is every bit as crucial as guarding the OS itself. 

Register for Windows 10 Application Security

Friday, April 27
9am PDT / 12pm EDT / 6pm CEST

Sami Laiho, leading Windows OS & security expert and Microsoft MVP, helps you master application security in this webinar. Windows 10 Enterprise brings a wealth of built-in features and tools to protect your applications.

High Level Agenda of the webinar 

• Best practices for application security in a Windows 10 enterprise
• How to reduce attack surfaces with Windows Defender Exploit Guard
• How to eliminate the need for third-party antivirus/antimalware with Windows Defender 
• Why whitelisting is no longer optional, and how to nail it 
• Is SmartScreen good enough to protect your company? 
• How to leverage Application Guard, Application Control, and Edge browser virtualization 
• The basics of Office 365 Encryption 
• Techniques for saving time securing tens of thousands of endpoints 

8 COMMENTS

  1. Hi – Thanks for sharing this document. Have you deployed Win 10 1803 using SP.

    I would like to deploy in place upgrade of Win 10 1709 to Win 10 1803 Creators Update using Windows 10 Servicing plan. I don’t see Windows 10 Feature update 1803 yet under Windows 10 Servicing. I have performed All software updates within CB1802. Appreciate your input.

    Ram

  2. Okay, those upgrades work really well, however, I find it really inconvenient to perform on older computers. And I’m not talking about super old schools: i3/i5 with WIN10 still can get up to several hours to update – is it normal?

  3. Considering the major implications of the vulnerabilities present with Windows Credential Guard for Windows 10, this is just another reason why users would do well to stick with Windows 7 or those whom have Win10, to revert back to the Win 7 platform, since it is by it’s very nature, much more controllable in terms of overall system security.

    In Win 10, as is now confirmed, there are far greater attack vectors present and even greater exploitation possible as opposed to a properly hardened Windows 7 system.

    It’s time for Windows users to face the music with regard to these security vulnerabilities of critical concern. Stay with Windows 7 for now. If you have Windows 10, the smart thing to do is down-grade to Windows 7 instead.

    These recently discovered gaping holes in system security with Windows 10, are just a few of the many security risks you will encounter if you choose to swallow Microsoft’s Horse-Sh** by upgrading to or keeping Windows 10.

    Microsoft is no different than any other money-hungry, fascist, corporate thug of an entity out there, hell bent upon taking advantage of us any way they can and they’re using Windows 10 to accomplish this monumental task.

    At least with Windows 7, you still have a fighting chance to not only lock down system security very tightly, but also to keep all of the corporate meddling via telemetry and other various methods, at bay, so long as you know what you are doing.

    Don’t listen to Microsoft’s trolls and their corporate goons. With regard to Win10, they, like all the other fascist corporate creeps (including Google) only care about one thing———Exploitation for profit!

      • Stay with Windows 7. There’s no need to go to Windows 10 and I’ve never been much of a Mac-Fan-Boy either. It’s all just hype to force us to accept their manipulative & exploitative agenda.

        By the time Win7 even comes remotely close to suffering the same fate as XP, we might just see far better alternatives to the current OS contenders anyway——-and may even be able to sever our reliance upon the evil empire all together. But that’s still a far way off. Until then, your advice is sound.

        As far as I’m concerned, I’m taking my Win7 to the grave. Microsoft would have to pry it from my cold dead hands, if they ever really wanted to try to rip it away from me.

        I like my PC and my control over my PC——-period!

  4. Hi – Has anybody tried Servicing Plan to deploy Win 10 v1803? I have created everything by the book and the install is going on for few hours. I am trying to upgrade v1709 to v1803 using CB1802. Which logs do, I need to check on the client machine to find out what is going on? It has been 2 hours passed and the install circle is spinning and spinning.

    Last upgrade from v1703 to v1709 went smoothly without any issue and I was able to complete the process in 120 minutes.

    Thanks

    Ram

  5. Hi – Just finished v1803 Servicing Plan update. The update took around 3 hours within home lab. Will have to spend some time to test out new features in v1803. The update was from v1709 to v1803.

    Ram

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.