The next big update to Windows 10 Creators Edition is out in the Fall – and Redmond is hyping up its security chops.
For a start, we're told Windows Defender will be extended from client to Microsoft's server operating systems. In addition, Redmond is adding Windows Defender Exploit Guard and Application Guard to the security suite and updating its Device Guard and Defender Antivirus software.
Exploit Guard is basically Microsoft's Enhanced Mitigation Experience Toolkit (EMET) security software reworked for the updated operating system. Last year Microsoft was forecasting the death of EMET, but now it appears it has listened to advice from its users and security experts that the code should be retained.
"We love EMET so much we built it fully into Windows 10," Rob Lefferts, director of the Windows and Devices Group, told The Register. "Everything you could do with EMET you can do with Exploit Guard."
Exploit Guard will come with new rules designed to detect unauthorized system access, and will take advice from Microsoft's security center in real time. Redmond even says it will protect against zero day exploits.
Application Guard is designed to work with the browser to detect whether local users have downloaded or installed code that they shouldn't. The new code will lock any infection onto a local machine to stop it spreading, and notify the security team that something has gone seriously amiss.
Device Guard is getting an upgrade and uses whitelisting to keep dodgy software off PCs. Lefferts said that Microsoft is working with developers to constantly update the whitelists and ensure that legitimate code will run without a problem.
On the pure antivirus side, IT admins running Defender will get a new security analytics screen that will use data from all Microsoft customers to advise on potential or incoming threats. APIs will also be released so third-party app vendors can use the same information to secure their apps. ®