Microsoft: Windows 10 Version 1607 is the Most Secure Windows Ever

Posted on November 11, 2016 by Paul Thurrott in Windows 10 with 20 Comments

Microsoft: Windows 10 Version 1607 is the Most Secure Windows Ever

In tandem with the release of a new security white paper, Microsoft is claiming that Windows 10 version 1607 is the most secure version of Windows yet.

“Every day cybercriminals test new ways to attack and gain control of your PC,” a Microsoft representative told me. “In the last 12 months alone, the number of ransomware variants in the wild have more than doubled. Because Microsoft understands how destructive ransomware can be, the company has developed and incorporated multiple solutions into its technologies to help protect your PC. The Windows 10 Anniversary Update comes with enhanced security features that make this OS the most secure and more ransomware-resilient than ever.”

Microsoft has published a new white paper called Ransomware Protection in Windows 10 Anniversary Update that details how the latest Windows 10 version helps to protect all of its customers, from consumers to businesses. But in a separate blog post, it also makes its case for why Windows 10 version 1607—that is, Windows 10 with the Anniversary Update installed—is the most secure Windows version yet. Improvements in this release include:

Browser hardening. Microsoft Edge runs Adobe Flash Player in an isolated container, and Edge exploits cannot execute other applications. “These improvements block malware from silently downloading and executing additional payloads on customers’ systems,” Microsoft says.

Windows Defender improvements. The Windows Defender signature delivery channel works faster than before so that the in-box anti-virus and antimalware solution can help block ransomware, both in the cloud and on the client. Additionally, Windows Defender responds to new threats faster using improved cloud protection and automatic sample submission features, plus improved behavioral heuristics aimed at detecting ransomware-related activities.

Windows Defender Advanced Threat Protection. This new service helps business customers respond to attacks by alerting the security team, identify any damage caused, and understand where it might be moving next. It can also work with Office 365 Advanced Threat Protection to provide a more holistic view of what is attacking the enterprise.

To help prevent ransomeware specifically, Microsoft recommends that customers install the Windows 10 Anniversary Update and accept the default security settings, keep machines up to date with the very latest updates, and create and follow a comprehensive backup strategy.

 

Premium Comments (12) Comments (8)
Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe
12 Comments
Sort by Votes | Date
  1. 0 | Reply
    PhotM Alpha Member #931 - 3 weeks ago

    Paul,

     When I see a headline like you wrote, my first question is always, BUT what edition of W 10 ??? are they comparing to. In your article, what edition did MS use. Believe me there is very little comparison between W 10 Pro AND W 10 Enterprise/Education when it comes to security.

     From all that I have heard and read, so far I see very little difference between W 10 Pro OS and Security AND W 8.1 Pro that is fully PATCHED. Most of the changes are not in the OS wise, but are in the Store and GUI so it isn't really impacting most whom are just using the OS and wanting its STABILITY. Yes I am an insider and up to date with that on both Fast and Review Rings.

    Best Regards,

    Crysta

  2. 0 | Reply
    hrlngrv Alpha Member #100 - 3 weeks ago

    Sorry to intrude some statistical skepticism, but if the main vectors for ransomware encounters are social engineering or tainted ads in websites, wouldn't the average Windows 10 user be a more sophisticated Windows PC user, so less susceptible to the former and more likely to use ad blockers which handle much of the latter? IOW, that chart may be misleading and show mostly underlying subpopulation differences. At the very least, it'd be useful to see both Windows 10 and Windows 7 groups broken down into using and not using ad blocking subgroups.

    FTHOI, I wonder what the ransomware encounter rate is for macOS, Linux, BSD, etc. Perhaps running Linux in a Hyper-V VM and browsing in that VM is even safer.

    Also, backups are ALWAYS GOOD, not just as fallback against ransomware. Perhaps the value can only be discerned by those who've actually fried a hard disk.

    1. 0 | Reply
      Nonmoi Alpha Member #1426 - 3 weeks ago
      In reply to hrlngrv:

      I don't know why you are down voted. 

      The possibility of selection bias is real right here.

      I agree with you, that we need more data both in the width and depth to have a clear sense of how efficient are the new ransomware protection in Win10 works.

       

      And you can only be 100% secure from ransomware if you have cold backup with versions, which can be expensive, especially when you use an SaaS.

    2. 0 | Reply
      hrlngrv Alpha Member #100 - 3 weeks ago

      In reply to Nonmoi:

      I'm down voted because fanboys dislike skepticism or any criticism, well-meaning or otherwise, of their adored OS and tech company.

      Re backups, I mean data backups and configuration backups, though in my experience the most effective configuration backups for Windows are a whole lotta .REG files.

  3. -1 | Reply
    ndwilder Alpha Member #321 - 3 weeks ago

    This is akin to Apple claiming, this is the best iPhone we've ever made... Well, I HOPE so, since this whole event is about launching it. Accepting the default security settings isn't exactly the most secure either, sending all kinds of data to MS.

     

    1. -1 | Reply
      danmac Alpha Member #732 - 3 weeks ago
      In reply to ndwilder:

      That's why they said "secure" and not "private". I dare say some of the telemetry might tell them about new ransomware and allow them to harden Windows more. 

  4. -5 | Reply
    Waethorn Alpha Member #2235 - 3 weeks ago

    Ransomware is only 1 form of malware.  Defender fails to prevent the installation of LOTS of malware that MalwareBytes prevents.  My own computer store is proof of this: I get customer computers every day with malware infections that are "up-to-date" with Windows 10.  In a lot of ways, Windows 10 is no more safe for users than Windows XP is.

    1. 3 | Reply
      ndwilder Alpha Member #321 - 3 weeks ago
      In reply to Waethorn:

      Windows XP came with zero security software, and didn't have a firewall until later SPs. If people weren't running their PCs with admin rights, and clicking yes on everything, they would be far better off. However, XP didn't tend to introduce it's own denial of service with patches put out with nearly zero QA, so there's that.

    2. -1 | Reply
      Waethorn Alpha Member #2235 - 3 weeks ago
    3. 0 | Reply
      JudaZuk Alpha Member #2098 - 3 weeks ago
      In reply to Waethorn:

      And what antivirus program are they running,  are they using Edge .. or some other browser?

      What I find it that most people getting infected are actively clicking and installing malware because they don't read, and approve and click away anything that pop up on the screen, and often they use a third party crap antivirus like AVG (that used to be good but now more or less is malware it self) or Symantec's bloated crap that just slows down computers and find almost nothing. or worse of all Panda Anti-virus or McAfee.  Really popular right now are e-mails from "fedex" or "DHL" with a .zip file as an attachment .. a .zip file that contains javascript that starts the attack .. an people of course click to open the .zip file, even if they know they expect nothing from Fedex,  and the name is wrong, and the text is completely illogical in the mail ...nevermind the source of the mail clearly show that it is from someone else..  get that even through gmail at times..

      Windows 10 is the most secure version of Windows ever .. and if you use Edge it's safer still .  

    4. 0 | Reply
      Waethorn Alpha Member #2235 - 3 weeks ago
      In reply to JudaZuk:

      Most are using Defender.  Some are using third-party AV instead.  In doesn't matter - the OS won't protect you against most malware.

    5. 0 | Reply
      JudaZuk Alpha Member #2098 - 3 weeks ago
      In reply to Waethorn:  - no System will protect you against all Malware , but Windows 10 will protect you from most I'm sure of.