Windows News and info 15th Anniversary 2009-2024
Windows 11 | Windows 10 Modifying => Patch Tuesday| Updates | Security | Privacy | Anti-virus => Topic started by: javajolt on August 16, 2020, 02:17:22 PM
-
(http://i.postimg.cc/d0J8T526/windows-defender.jpg)
Microsoft has made security a major focus of the Windows 10 operating system and it shows with numerous features designed to protect you from malware, exploits, and cyberattacks.
Windows 10 computer is a treasure trove of hidden security features that you can manually enable to further enhance your security.
In this article, we've highlighted the best security features that you should try on Windows 10.
Potentially unwanted applications (PUA) protection
Starting with Windows 10 May 2020 Update, otherwise known as the version 2004 update, Microsoft is making it easy to detect potentially unwanted apps using Microsoft Defender (formerly known as Windows Defender).
Potentially unwanted applications (PUA) are a category of programs that can cause your machine to run slowly or display unexpected ads. PUAs are not considered virus or malware, but they might modify your web browsers, default apps, install extensions and perform other actions which can adversely affect the performance of your device.
(http://i.postimg.cc/mDtVtd4q/PUA-Windows-Security.jpg)
May 2020 Update has added a new settings section to Windows Security called 'Reputation-based protection'. This allows you to manage your potentially unwanted apps and allow or block a particular PUA/PUP.
To enable PUA/PUP protection in Windows 10 2004, follow these steps:
Open Settings.
Navigate to Update & Security > Windows Security > App & browser control.
Look for a new section titled 'Reputation-based protection'.
You can click on the 'Turn on' button to enable the feature. If you want to configure PUA/PUP, you can also click on the 'Reputation-based protection settings'.
This will allow you to access the following settings:
Check apps and files.
SmartScreen for Microsoft Edge.
SmartScreen for Microsoft Store apps.
Memory Integrity
Windows 10 version 1803 or later comes with a feature called "Core isolation" that provides added protection against malware and other attacks. Core isolation feature isolates computer processes from Windows 10 and device, and it enables an extra layer of security against sophisticated attacks.
Memory integrity is a part of core isolation and it ensures that code running in the Windows kernel is securely designed and trustworthy. It uses hardware virtualization and Hyper-V to prevent attempts to inject and run malware in Windows kernel-mode processes.
(http://i.postimg.cc/Xqnf9Q64/Memory-Integrity.jpg)
Memory integrity is a powerful security feature, but it's turned off by default. In order to use core isolation's memory integrity feature, follow these steps:
Open Settings.
Navigate to Update & Security > Windows Security.
Click on Device security.
Under "Core isolation" and "Memory integrity", turn on the Memory integrity toggle switch.
Restart Windows to apply changes.
Enable Windows Hello
Windows 10 comes with a great feature called 'Windows Hello', which allows biometric security to work on your PC with facial or fingerprint logins, but it requires special hardware or device.
You'll be able to set up Windows Hello to log into your computer with a fingerprint sensor or a special camera that can detect your face.
(http://i.postimg.cc/13Kfqs5n/Windows-Security-Sign-in.jpg)
Once configured, you can log you into your computer without having to enter a password, thus making your experience 'passwordless'.
To use Windows Hello on Windows 10, follow these steps:
Open Settings.
In the Settings app, click on Accounts.
Click on sign-in options.
Add a four-digit PIN to Windows.
Select 'Windows Hello Face' if you want to use your face for authentication or select 'Windows Hello
fingerprint' if you want to use your fingerprint for authentication. Both options require special
hardware/device/drivers.
Network scanning
By default, Defender can scan your local files and offer real-time protection from virus, malware, ransomware, and PUAs.
Fortunately, Microsoft also allows you to scan your network files but the option needs to be enabled manually with PowerShell.
To use enable network scanning, follow these steps:
1. Open Windows Search.
2. Search for PowerShell and click the Run as administrator option.
3. Type the following command: (http://Set-MpPreference -DisableScanningNetworkFiles 0)
(http://i.postimg.cc/L588L0vt/Network-scan-powershell.jpg)
4. Press Enter to enable scan network files
By following the above steps, you can use Defender to scan network files. If you want to turn off the feature, enter the following command in PowerShell:
Set-MpPreference -DisableScanningNetworkFiles 1
Controlled Folder Access
Windows 10 also comes with the "Controlled Folder Access" feature that allows you to prevent unauthorized access to certain folders. In other words, you can control who can access certain folders on Windows 10.
This feature can also prevent ransomware when it tries to access and encrypt your documents, pictures, and other files stored in those folders. To configure Controlled Folder Access, follow these steps:
1. Open Windows Security.
2. Click on 'Virus & threat protection'
3. Click on 'Ransomware protection'
4. Locate the "Controlled folder access" section and click the On/Off toggle.
(http://i.postimg.cc/B6gwRh3w/Controlled-Folder-Access.jpg)
5. Select the "Protected folders" option.
(http://i.postimg.cc/k5jTc2vk/Protected-folders.jpg)
6. Add all the folders that you want to restrict access to.
DNS over http (DoH)
Windows 10 preview build comes with initial support for DNS over http (DoH) and it enables DNS resolution over encrypted http connections.
With support for DoH support on Windows 10, Microsoft is hoping to boost privacy on the Internet by encrypting their DNS queries.
"If you havent been waiting for it, and are wondering what DoH is all about, then be aware this feature will change how your device connects to the Internet and is in an early testing stage so only proceed if youre sure youre ready," Microsoft said in a blog spot.
In Build 20185 or newer, you can configure DoH directly in the Settings app.
To configure DoH for ethernet connections, follow these steps:
1. Open Settings > Network & Internet > Status.
2. Click Properties.
3. Select Edit IP assignment or Edit DNS server assignment.
(http://i.postimg.cc/QNph6Dvf/DoH.jpg)
4. Enable DoH in the popup.
To configure DoH for Wi-Fi connections, follow these steps:
1. Open Settings > Network & Internet > Wi-Fi.
2. Click the adapter properties link.
3. Select Edit IP assignment or Edit DNS server assignment.
4. Enable DoH in the popup.
source (http://www.bleepingcomputer.com/news/microsoft/windows-10-features-that-boost-your-computers-security/)