Software

Windows 10's new enterprise-grade security will block suspect app behavior, says Microsoft

All versions of Windows 10 will be able to block suspicious activity by apps following the next major feature update later this year.

Windows 10's security is getting beefed up as Microsoft brings features previously reserved for enterprise to all users.

Microsoft says elements of Windows 10's Enterprise edition's Attack Surface Reduction (ASR) feature, part of Windows Defender Exploit Guard, will be made available in all versions of Windows 10.

The ASR-related feature was rolled out yesterday to those testing early builds of the OS as part of the Windows Insider Program.

The latest Insider build, 17704, allows users to toggle on a new Block suspicious programs feature, which will "prevent behavior by an app or file that might infect your device". Microsoft says the feature uses ASR technology, which can forbid a range of risky behaviors, such as blocking executable content in an email or blocking Office applications from creating child processes. The feature is available within the Virus & threat protection Settings page. That said, the new feature doesn't sound as configurable as the ASR available to enterprise, and there are still a range of protections only available to users of the Enterprise version of Windows 10.

windows10insider.png

The new Block suspicious behavior feature.

Image: Microsoft

The addition is part of a gradual bolstering of Windows 10's overall security, with last year's Fall Creators Update improving ransomware protections by adding the ability to designate certain folders and documents as protected, so they would only be accessible to trusted applications. User folders such as Documents, Pictures and Downloads are protected by default.

SEE: IT hardware procurement policy (Tech Pro Research)

With this latest Insider build, apps that are automatically blocked from accessing user folders like Documents and Pictures, will also be able to whitelisted using a menu under Virus & threat protection->Ransomware protection->Allow an app through Controlled folder access.

Other security improvements in this latest release include displaying all threats to the system that need action in the Virus & threat protection section.

Users will also be able to view all of the security software and services running on the device under the new Security providers->Manage providers section in the Settings app. The page will provide links to relevant apps and to more information on resolving any issues with those apps.

Privacy improvements

Microsoft also continues to improve transparency in Windows 10, with this latest build including a new version of Windows 10's Diagnostic Data Viewer, the existing tool for viewing what information Windows 10 collects from users.

The new version also reveals what information is collected by Microsoft when an app crashes or has a problem. Users will be to view which apps triggered the crash report, when it was sent and details on what information was collected. The data shown may still not be intelligible to the average user, however.

Sets disappears from view

The latest Insider build also removes a major new feature called Sets, with the promise it will return in the future in an improved form. Sets will mark quite a departure for Windows , introducing the concept of tabbed windows. The feature will allow users to group together related apps, documents, files and websites into separate tabs in a single desktop window. By doing so, users will be able to group together everything related to a specific task inside one window, regardless of whether that content is an Office document or a website.

Its removal from the build coincides with sources telling TechRepublic's sister site ZDNet that the feature may now not be rolled out to all Windows 10 users when the next major feature update is released later this year.

Microsoft Edge browser also gets tweaks, with users able to block all autoplaying videos and the introduction of a Edge "Beta" icon so users can tell if they're using a test build of Edge.

Microsoft also revealed it is adding a new Windows image to its Windows Server container collection. This new image is addition to the existing Nano Server and Windows Server Core images. The Windows image is available to try for those running a container host on Windows Insider build 17704.

These new features are expected to be rolled out to all Windows 10 users for free later this year, with the release of the Redstone 5 feature update.

Microsoft indicated that it will not remove the existing Snipping Tool with Redstone 5, but will replace it, with the currently under development Screen Sketch app, at a different point in time.

Also see

About Nick Heath

Nick Heath is chief reporter for TechRepublic. He writes about the technology that IT decision makers need to know about, and the latest happenings in the European tech scene.

Editor's Picks

Free Newsletters, In your Inbox