Microsoft has announced that the next large update to Windows 10, called the Creators update, will arrive on April 11th. This update brings several new features to the platform that should be of interest to corporate users but it’s missing at least one that many expected to be in this release.
The company says that this roll-out will start out slowly, so if you are not seeing the update right away on the 11th, be patient. If you do want to install the retail release of the Creators update, you can use the media creation tools to install the update today; distribution via Windows Update will be even slower than the Anniversary update.
In this update, Microsoft is releasing the Windows Defender Security Center. This feature creates a single dashboard that gives you full control of your security options from one place; this includes everything from anti-virus, network and firewall protection to assessing your device performance and health and security controls for your apps and browser as well as family safety options.
Windows Defender ATP is also getting several updates that will focus on detection, intelligence and remediation:
- Detection: Microsoft is expanding the use of sensors to detect threats that persist only in memory or at the kernel level.
- Intelligence: Microsoft is opening up Threat Intelligence to allow admins to feed their own data into the Windows Security Center.
- Remediation: New remediation features in Defender ATP provide IT admins tools to isolate machines, collect forensics, kill and clean running processes and quarantine or block files, which will reduce the response time from event trigger to isolation.
Additionally, Windows now supports in-place UEFI conversion and mobile application management. The latter being a feature that protects data on personal devices without requiring the device to be enrolled in a Mobile Device Management solution.
Announced at Ignite back in September is a feature called Windows Defender Application Guard for Edge. While this feature is accessible in the Creators update, it is turned off by default and does not appear to be ready for prime time.
How it works is that if a user clicks on a link that goes to a domain that is not on an approved list, as determined by network administrators, Edge will open the link in an isolated container, at the hardware level, to keep any malicious attacks generated by the user clicking on a link, to be contained in a locked-down instance of the browser. The goal is to contain any potential threat that may arise by the user clicking the link and if needed, to be able to quickly eliminate it in the isolated environment.
This feature is for the Enterprise SKU of Windows 10 but no word on when this enhancement will be enabled.