As well as the improvements to the Windows and Edge user interfaces and consumer tools like Mixed Reality Flashlight, the Windows 10 October 2018 update comes with some solid improvements aimed at enterprises, especially in security.
There's a simpler user interface for users to see the state of their systems, which is now just called Windows Security. You can see the highlights under Settings / Update & Security / Windows Security, or launch the full view from there or directly via the system tray. The 'Virus & threat protection' section shows any action you need to take to protect your system, and includes some new controls that you can also manage centrally.
If you're not already controlling Windows Defender Application Guard (WDAG, which opens Edge in an isolated VM for security), there's now a link to install it from the App & browser control section of Windows Security, under 'Isolated browsing'. With WDAG on, you can use Group Policy to allow files to be downloaded in Edge to the host PC: under Administrative Templates / Windows Components / Windows Defender Application Guard, select 'Allow files to download and save to the host operating system' from Windows Defender Application Guard.
Controlled folder access stops ransomware corrupting files, but this can also block legitimate apps from editing common folders like Documents and Pictures. To fix this, choose Windows Security / Virus & threat protection settings / Ransomware protection / Manage ransomware protection, and select 'Allow an app through controlled folder access' and 'Add an allowed app'.
You can now block DMA access for Thunderbolt devices while a PC is locked -- which can be an attack vector -- using the IOMMU. Choose Device security / Core isolation / Core isolation details and set 'Memory integrity' to on. External GPUs connected via Thunderbolt 3 can be safely ejected from the Safely Remove Hardware and Eject Media icon in the system tray.
Windows Security now integrates third-party tools. Choose Settings / Security providers / Manage providers to see all the antivirus, firewall and web protection agents running on a device.
Edge also has some HTTP/2 improvements. As well as using connection coalescing to speed up sites that use sharding (which improved performance for HTTP/1.1 but slows down HTTP/2), it can cope with sites that list cipher suites in the wrong order. Instead of terminating the connection, it negotiates the correct encryption from the server's list of allowed and banned protocols.
Image: Mary Branscombe/TechRepublic