The Windows 10 Fall Creators Update Feature Focus
by Brett Howse on November 10, 2017 8:00 AM ESTSecurity Updates
Security is a never-ending battle, and each update Microsoft continues to add more features to help prevent malicious attacks. They have several new features that are worth going over for the Fall Creators Update.
Windows Defender Exploit Guard
The Enhanced Mitigation Experience Toolkit has been replaced with Windows Defender Exploit Guard features, and the EMET is no longer supported on Windows 10 v1709. Windows Defender Exploit Guard is a new set of Host Intrusion Prevention features which can be used to reduce the attack surface of Windows 10. It’s designed for an enterprise environment, and completely customizable through Group Policy.
It offers four general feature sets, which are exploit protection, attack surface reduction rules, network protection, and controlled folder access. For a full rundown on all of these new features, be sure to check out docs.microsoft.com which has all of the details and proper settings.
Windows Defender Application Guard
Application Guard is designed for Microsoft Edge to isolate untrusted sites, which are going to be a huge concern for any IT department. Internet Explorer did have some features to help in these scenarios, but Application Guard takes it to a whole new level by actually opening untrusted sites in an isolated Hyper-V enabled container, completely cut off from the host operating system. Any malicious code on the site would not be able to access the host OS, at least not easily, which offers a significant amount of protection over just blocking scripts and flash. The ability to do this through policy, and have only allowed trusted sites to run out of the container, is very powerful and is a strong reason to consider Edge for the enterprise.
Ransomware Protection
One specific feature to call out in Exploit Guard is the controlled folder access, which is a mitigation for ransomware. Ransomware has become a huge problem, and having malicious software encrypt your hard drive can put a damper on anyone’s day. Controlled folder access works by locking down folders to only authorized apps have access to the files. Luckily, controlled folder access is available to all in Windows 10, without needing any Group Policy to set it up.
You can enable controlled folder access right in the Security Center for Windows 10, and customize which folders you want it enabled for.
The idea behind controlled folders is pretty simple. Folders can’t get encrypted if the process doesn’t have access to them. Sometimes simple is the best.
Facebook
Twitter
RSS
95 Comments
View All Comments
Cryio - Friday, November 10, 2017 - link
I like the few fluent design elements in Start and Action Center. But why doesn't the Taskbar has it?Why are most Win32 application chrome window full solid color, a la W8?
Why does Edge get so few features when releases are either 6 to 9 months apart? Most other browsers seem to add a lot of features every 4/5 weeks. But not Microsoft.
Anyway, Edge being faster/efficient/more reliable is a welcome improvement.
Acrylic is nice.
People is nice, if useless at the moment.
Polishing Action Center is nice.
Mixer improvements are nice.
Aaaaand I still hate that Skylake on Surface Pro 4 at least limits CPU speed to 800 MHz when watching Youtube videos using Edge.
StormyParis - Friday, November 10, 2017 - link
"The new pattern of a spring and fall (or fall and spring, depending on your location)"or Autumn ?
Zak - Friday, November 10, 2017 - link
"anit-cheating" typo? On the "Gaming Updates" page.Also, besides bringing back some depth and transparencies there is zero in this update for me. Gaming Mode is something disable first. Leave my games alone Microsoft. Microsoft *does not* get PC gaming.
Bixx - Friday, November 10, 2017 - link
You forgot the "feature" where many people's start menu won't work anymore or is missing most items. Over 400 people on the MS forum have this problem (which mean many more "out there" surely do too), yet MS hasn't even acknowledged the problem).Gunbuster - Friday, November 10, 2017 - link
Or as I like to call it the creators update update.Someone at Microsoft now runs a team devoted to creating updates for creators update update.
jgeis - Friday, November 10, 2017 - link
It's probably worth mentioning that there's a problem with clean installs of Windows 10 Fall Creator's Update (1709) where opening Edge browser causes the State Repository Service process to spike your CPU to 100% and essentially locks up the PC. You can get around this by installing another browser off a USB stick, but it's really annoying on a fresh build. Some other actions also seem to trigger it, as well.B3an - Friday, November 10, 2017 - link
You never go in to enough detail for these updates. Your articles always miss out loads of new stuff and changes. The only reason i visit this site is for in-depth articles, not "The Verge" level crap, minus the SJW shit.Ryan Smith - Friday, November 10, 2017 - link
B3an, was there something in particular you were looking for that you didn't see? We're still trying to figure out the right level of depth for these Windows updates, especially since they're not wholly new OSes, and a lot of feature information is published ahead of time.(None the less, this was still 6K word, 10 page article)
SkyDiver - Friday, November 10, 2017 - link
How sad all of this is. The horror story continues ever since Win8. It still looks flat and dead. So many things wrong with this "operating system."Lolimaster - Friday, November 10, 2017 - link
Isn't it funny all this "for the user" naming MSFT uses for Windows Spyware 10, each "fancy name" iteration breaks 5 more thing than the one it fixes.Windows 10 Fallen to the crapper edition.