Microsoft has announced a series of security updates in Windows 10 and this applies to Windows defender as well. Windows Defender is Microsoft’s free anti malware service and in the new Windows 10 update, you can now set it periodically scan your device instead of having to do that manually. This won’t stop you from using your security software but as they put it at Microsoft, this update scans your computer in case your anti-virus software missed something. “Defender scores improve substantially over the last 12 months improving to 99.8% detection in prevalence testing in April 2016 – a more than 11 percent improvement year over year” and more users have come to identify with this formerly little known feature.
Security is key to individuals and organisations which is why we see companies investing more in it. Speaking further on the new updates, Rob Lefferts who is the Director of Program Management at Windows Enterprise and Security spoke more on the new security features that you should expect when you upgrade.
The update brings with a new era of some sort of pre-emptive protection which means before the attack happens, there should be an alarm that triggers your device to take security measures. Using Microsoft’s SmartScreen technology, you are pre-warned when you visit an untrusted site for instance. On the internet, Edge will isolate your device from such threats by alerting you. For this to happen when on the internet for example, Microsoft Edge had to be fortified further to enable it make browsing more secure. Here’s how that happens;
The use of our AppContainer sandboxing technology enables us to isolate the browser from the rest of the OS, apps and user data.
A new plug-in model prevents plug-ins implemented with insecure designs from running.
New mitigations in ASLR and Control Flow Guard harden the browser from code injection and memory corruption attacks to help defeat common exploit techniques, such as heap spraying and ROP.
Untrusted and malicious fonts that were served by web pages and embedded in docs are now blocked and the font parsing code has been sandboxed.
Flash threats are also further isolated outside the browser so that it doesn’t affect you device.
“Hardware based isolation, with Virtualization Based Security (VBS). VBS uses the processors’ virtualization extensions to create a hardware-based security boundary between sensitive Windows components and data and the rest of the operating system.” They use Trusted Platform Module (TMP to further isolate your hardware from security breaches. TMP is an international standard that is designed to secure hardware with string encryptions that makes it eventually almost impossible to break into a device. Trusted Platform Module Library Specification Revision 01.16 was released in October 2014 as the latest TPM 2.0 release. Bringing Windows Hello’s biometrics into this hardware encryption environment, advanced threats can be mitigated. So it’s a combination of hardware encryption standards and biometrics that does the trick according to Microsoft.
At a time when individuals and companies alike are more concerned about the security of their device and data, Hello’s biometric authentication requirements can be used to provide identity protection. We now see devices with biometric capabilities and that’s what Microsoft wants to leverage on using Hello because according to the Windows blog, a user can now set up Windows Hello on a PC that isn’t equipped with a biometric sensor, and unlock it with biometrics enabled in wearables or enterprise-authorized companion devices, like phones or employee badges.
If you have suffered an attack, Defender now has a way of allowing you investigate breaches across end points within your organisation through Windows Defender Advanced Threat Protection (WDATP) which provides a new post-breach layer of protection to the Windows 10 security stack.
Another concern that this update touches on is leaks within organisations using Windows Information Protocol (WIP) known as enterprise data protection in the past. WIP separates your business data from personal information thereby making it easier to quickly isolate company data in events on a breach. WIP prevents data leaks by helping to block control networks and data access by blocking and overriding authorised users.
That’s a summary of security features to expect when you update your Windows 10 software.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
