Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/25/2017
04:45 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
0%
100%

Windows 10 Update: 10 Key New Security Features

Microsoft is tightening its focus on Windows 10 security with several new security tools in its latest major OS update.
Previous
1 of 11
Next

Windows 10 security is getting a face-lift in the Fall Creators Update, which Microsoft started rolling out last week. The update is packed with several new tools intended to give administrators and users more granular control over security.

Updates pertaining to Windows 10 security are increasingly relevant to businesses as more swap older versions of Windows for the latest. Microsoft reports 90% growth in commercial devices year over year as enterprise, small business, and education users make the switch.

The most recent batch of security and management features addresses common business security concerns like ransomware, application security, credential theft, and polymorphic malware. Overall, they indicate a broader transition from reactive to proactive security.

"With continuous updates, and focus on security, they're responding quickly to changing attack patterns on the OS in a way they weren't before," says Gartner Vice President Peter Firstbrook of Microsoft's approach to security management in Windows 10.

Here, we take a closer look at the newest security tools in Windows 10 and dig a little further into how each works. Which of these features do you think will be most helpful for managing your security operations? Where do you think Microsoft could further improve security? Feel free to share your thoughts in the comments.

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
gudguy1
100%
0%
gudguy1,
User Rank: Strategist
11/18/2017 | 4:31:34 PM
Not a White Paper - pages of ads...
Okay, I also stopped after the 2nd page - I despise scrolling through multiple pages.

Many sites allow you to click on the 'print' pages link to see all pages on 1 page, even if you do not print them out.

This, I agree, is too much trouble...
gudguy1
100%
0%
gudguy1,
User Rank: Strategist
11/18/2017 | 4:19:28 PM
Re: terrible way to show white paper?
Yep, I'm with you. Have had multiple headaches over the years with this site. Got worse after BUM, errr, I mean UBM stepped in... Pain!!!!

I already replied to another comment but this is how much of a pain it is to me as well....
gudguy1
100%
0%
gudguy1,
User Rank: Strategist
11/18/2017 | 4:18:46 PM
Re: I'm done with you.
To jedj,

Yep, I'm with you. Have had multiple headaches over the years with this site. Got worse after BUM, errr, I mean UBM stepped in... Pain!!!!

Tried to log in on my smart phone (android 7, samsung s6, with all the latest software updates) - logged in but would not fully register to pull the 'papers' down.... not the first time.

The problem with this site, 'some' of the 'white papers' are actually white paper pdfs but some, which we do not know in advance - are not.  And if you try to click on print, to see all of the pages on one screen - you may not see those total pages.

What they want, is to show you ads, as much as possible.
jedj
100%
0%
jedj,
User Rank: Apprentice
11/17/2017 | 12:11:29 PM
I'm done with you.
I login looking for a white paper that can be downloaded and read when time allowed, but it's an article split into eleven pages.  The additional time and effort is not worth going through your format.  I will not be coming back to your website again.
srm16475
100%
0%
srm16475,
User Rank: Apprentice
11/14/2017 | 8:53:33 AM
terrible way to show white paper?
So the email I get says it is a 'white paper'.  After loggin in it isn't - and I have to go through way too many pages in order to view the so called white paper.  I don't know how much time you have on your hands, but I do not.  Do not call it a white paper if it isn't in a pdf form.  Don't waste my time.
DEisenlohr945
100%
0%
DEisenlohr945,
User Rank: Apprentice
11/6/2017 | 1:26:45 PM
posting of Windows 10 Update: 10 Key...
When I look at a posting, I expect the document to be a PDF so I can save the entire document, not 11 separate pages.
RyanSepe
100%
0%
RyanSepe,
User Rank: Ninja
10/27/2017 | 7:43:12 AM
Windows Defender Exploit Guard
This is a fantastic start! Analyzing consistent behaviors will provide a good basis for prevention for consumers. However, I wonder how many non-malicious false positives will occur.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
New 'Nanodegree' Program Provides Hands-On Cybersecurity Training
Nicole Ferraro, Contributing Writer,  8/3/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11937
PUBLISHED: 2020-08-06
In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1.
CVE-2020-15114
PUBLISHED: 2020-08-06
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting i...
CVE-2020-15136
PUBLISHED: 2020-08-06
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given domain, which occurs in the discoverEndpoints func...
CVE-2020-15701
PUBLISHED: 2020-08-06
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.1...
CVE-2020-15702
PUBLISHED: 2020-08-06
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges....