The Windows 10 Fall Creators Update includes some flashy new features and some upgraded apps for things like image creation. There’s an augmented reality feature, new gaming features and some functions such as the Start Menu have become easier to deal with.
But deep down inside where you can’t see them are new features that make Windows safer and will help preserve your data.
Two of those features, Windows Defender Exploit Guard and Windows Defender Advanced Threat Protection have been around in other versions and under other names.
What’s new is that they’re now part of Windows 10 Enterprise and they’re available as part of the update to Windows 10 Creators Update. These features are designed to prevent malware, including ransomware, from working. They’re also intended to work as part of an overall enterprise security solution.
Smaller organizations that aren’t using the enterprise version of Windows are also getting some significant security updates with the Windows update. Perhaps most important is the ransomware protection that comes as part of Windows Defender Antivirus. The new ransomware protection is intended to prevent unauthorized changes to applications and data in Windows.
Windows Defender also provides virus and malware protection that operates in real time. Threat definitions are provided in real time from Microsoft’s cloud services.
The Windows Fall Creators Update also includes new levels of security built into the Edge browser including Windows Defender SmartScreen, which protects against malicious websites and infected downloads.
The Windows Defender Exploit Guard is a holdover from the Enhanced Migration Experience Toolkit, which has been discontinued. The Exploit Guard is a network intrusion detection system that includes a set of intrusion rules and policies that are designed to fight advanced threats including zero-day exploits.
The Exploit Guard is paired with the Windows Defender Application Guard which will isolate any malware that manages to find its way into a Windows computer. AG will then prevent the malware from getting into the corporate network, while also making the nature of the threat visible to the security staff so they can eliminate it.
Application Guard for the Edge browser is designed to launch Edge in a virtual machine if you browse to an unknown or untrusted site. That way, any malware the browser encounters will be confined to the virtual machine and terminated when the virtual machine session ends. Unfortunately, this feature is limited to the enterprise version of Windows 10 and to computers running Hyper-V.
Meanwhile, Windows Defender Device Guard is now being made part of Windows Defender ATP. Device Guard prevents untrusted code from running.
All of the features of the enterprise version of the Fall Creators Update are managed by a single security dashboard that’s part of the Windows Defender Security Center.