Windows 10 built-in security

Since Microsoft moved the Exploit Mitigation Experience Toolkit (EMET is available for Win7) into the core of Windows security, we now have a robust and flexible Advanced Threat Protection almost comparable to Linux.

Something worth noting, but not worrying about.
Defender has not improved its detection rate consistency, and a cherry-picked month when it was rated 100% is often quoted as the evidence.
Defender does often achieve 100% but not as often as others.
It still exhibits a huge margin of error when dealing with new software without certificates, and will pick a random malware threat out of a hat to label it with and then quarantine it.
Take any source code for something that Defender currently trusts, e.g. the unrar.dll code, change something in the code and recompile to watch Defender jump on the table screaming.
For most end-users it is not a problem, only an inconvenience, though if you are having problems installing or running new or newly updated software, Defender may have quarantined or blocked something it needs.

Configuring Defender
Like most security tools, Defender suffers with the curse of the defaults and can be made a lot more secure.
You can find many, many options spread around several panels in the security control panel for Defender and the ATP features.
Unfortunately it is all too common for the shifting sand that is Windows 10 updates to make items move to a new home, so it is worth looking around after any feature updates to see what may have changed.

To make it easier to see everything in one place, and quickly tighten security, I recommend this handy little Open Source tool.
It comes with a couple of useful presets for different types of user.
For most people the High protection will do, but if you wish to make Windows more secure for your children, or people that have a gift for killing Windows, then the Maximum security preset may be better.
All settings can be reviewed and you can change any you prefer.
You can also reset back to defaults.

Also worth noting for people on a metered connection, or who have changed the way Windows updates are happening, Microsoft in their wisdom rely on updating the virus definitions via the Windows updates.
You will have to manually push for the updates each day to get them.
Do not assume Defender is up to date without checking.

The other main protective layer in Windows is equally important, if not more so.
The firewall and default rules are intended for a wide range of users, so may not offer the best suited level of protection for you.
Windows Firewall Control by Binisoft is an enhanced front-end (not a replacement) and may offer you a more comfortable way to configure everything.
https://www.binisoft.org/wfc

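One way to do the "check before you assume" step for virus definitions from an elevated PowerShell prompt (an added example, not part of the original post). It uses the built-in `Get-MpComputerStatus` and `Update-MpSignature` cmdlets; the function name and the 24-hour threshold are assumptions chosen to match the daily-update advice above.

```powershell
# Added example: report how old Defender's definitions are and refresh them if stale.
# Test-DefenderSignature and the 24-hour default are illustrative assumptions.
function Test-DefenderSignature {
    [CmdletBinding()]
    param(
        [int]$MaxAgeHours = 24,   # assumed threshold ("each day")
        [switch]$Update           # pull new definitions when stale
    )

    # Age in hours, or $null when Defender has no update timestamp
    # (for example when a third-party AV has switched it off).
    function Get-AgeHours($s) {
        if ($s.AntivirusSignatureLastUpdated) {
            ((Get-Date) - $s.AntivirusSignatureLastUpdated).TotalHours
        }
    }

    $status = Get-MpComputerStatus
    $age    = Get-AgeHours $status
    $stale  = ($null -eq $age) -or ($age -gt $MaxAgeHours)

    if ($Update -and $stale -and $status.AntivirusEnabled) {
        try {
            # Fetches definitions directly instead of waiting for Windows Update.
            Update-MpSignature -ErrorAction Stop
        } catch {
            Write-Warning "Definition update failed: $($_.Exception.Message)"
        }
        $status = Get-MpComputerStatus
        $age    = Get-AgeHours $status
        $stale  = ($null -eq $age) -or ($age -gt $MaxAgeHours)
    }

    [pscustomobject]@{
        AntivirusEnabled   = $status.AntivirusEnabled
        RealTimeProtection = $status.RealTimeProtectionEnabled
        SignatureVersion   = $status.AntivirusSignatureVersion
        LastUpdated        = $status.AntivirusSignatureLastUpdated
        AgeHours           = if ($null -ne $age) { [math]::Round($age, 1) }
        Stale              = $stale
    }
}

$result = Test-DefenderSignature -Update
$result | Format-List
if ($result.Stale -or -not $result.RealTimeProtection) {
    Write-Warning 'Defender definitions are stale or real-time protection is off.'
}
```

Run it as a daily scheduled task on a metered connection to get the update without waiting on Windows Update.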