Windows 10 2017 Fall Creators Update – New Security Features

Cortana and Phone

Important security settings for Cortana and Phone are now found in the main Settings app.

Blog Post - Fall Creators Update Security1

PHONE

With Windows 10 you can now link your phone and computer into a single seamless experience. The new Phone settings allow cross-device app and web browsing where you start a session on your phone then pick it up on your computer. Click the Settings app’s Phone icon then click Add a phone, add the necessary information then respond to the SMS message on your phone. If you determine that this link presents a security risk you can go back into Phone settings and click “Unlink this PC”.

CORTANA

When you click the Settings app’s Cortana icon you are presented with a familiar set of options ported from the previous Cortana Settings panel. In fact, the Cortana panel’s Setting icon has been modified to transport you directly to the Cortana page within the Settings app. Cortana’s settings are now organized into the sections. On the left click Permissions & History to access security related items. You can manage how much information Cortana logs from your device (computer, tablet, phone) including communication, browsing and typing histories. You can also manage what Cortana logs from outside services including Office 365, Skype and LinkedIn.

Windows Defender

Windows Defender, Window 10’s security suite, has been beefed up with two new features: Exploit Protection and Controlled Folder Access. Exploit Protection adds serious anti-malware muscle against hacker attacks. Controlled Folder Access prevents malware from hijacking your files for ransom. They act together to keep hackers at bay until new system vulnerabilities are successfully patched.

EXPLOIT PROTECTION

All Exploit Protection tools are turned on by default. Changing the default settings is not for the faint hearted so please be careful. If you are not already very familiar with what each one does it is probably best to leave them at their default positions. In a corporation you should let your enterprise level system administrator manage them for you. If you still would like to modify these settings, or are simply curious, open the Windows Defender Security Center app from the Start menu, click App & browser control then click Exploit protection settings (at the bottom). There are two panel tabs: System settings and Program settings. Two of the six System settings are pictured here with one of them displaying the three settings you can choose: On, Off and Use default.  Program settings override System ones allowing you finer control over individual programs. You can also add programs to the default list. Within each of the added programs you can adjust 21 settings so please be careful and only make changes if you know exactly what you are doing.

Blog Post - Fall Creators Update Security2

CONTROLLED FOLDER ACCESS

Controlled Folder Access locks down selected folders so only Microsoft certified safe apps can access them. Microsoft also allows you to designate which of your own apps are safe. Once on the safe list an app can access and change files in protected folders. For example, you could prevent all programs from working with the system Documents folder except Excel. Controlled Folder Access is disabled by default. To enable it click Virus & threat protection in the Windows Defender Security Center app then Virus & threat protection settings. Near the bottom slide the Controlled folder access setting to On then click Yes on the subsequent dialog.

Blog Post - Fall Creators Update Security4

Two new settings now appear: Protected folders and Allow an app through Controlled folder access. Click Protected folders to open a list of folder defaults such as Desktop, Documents and Favorites. These can’t be changed however you can add your own by clicking Add a protected folder, choose the folder to add then click Yes to allow the system to make this change. To remove a custom folder click the folder within the Protected folders list, click Remove then click Yes. This warning appears when an app, not on the safe list, tries to access a protected folder and is blocked. To designate it as safe you must first make note of the file name and location that appears on the warning.   Enter the Virus & threat protection settings page as above then click Allow an app through Controlled folder access located below the Controlled folder access on/off setting. Click Add an allowed app, navigate to the location you wrote down, double click on the file name you also wrote down then click Yes to allow the change. To remove a previously whitelisted app, click the app in the Allow an app through Controlled folder access screen, click Remove then click Yes.  This warning appears when an app, not on the safe list, tries to access a protected folder and is blocked. To designate it as safe you must first make note of the file name and location that appears on the warning.

Warning!

Controlled Folder Access will protect a folder from ANY program not on the safe list. This may include common antivirus programs, financial applications, or photo editors. This may severely limit your daily activities unless you devote enough time to whitelist all your known and trusted apps. It is recommended therefore that you turn this feature on for a limited time to assess how many apps it interferes with. You can then decide how to proceed balancing the cost of managing your list of safe apps against the likelihood and potential cost of successful ransomware attacks. Adding a folder to the protected list comes with the same warning. Evaluate its usefulness before committing permanently to this change.

Blog Post - Fall Creators Update Security3

Share!