For the IT Pros (or security professionals using Windows 10), the final version of the Security Baseline for Windows 10 Fall Creators Update has been released. There are no changes between this and the draft release that was posted a few weeks ago, so if you have that you are already good to go!
The 1709 baseline package includes GPOs that can be imported in Active Directory, scripts for applying the GPOs to local policy, custom ADMX files for Group Policy settings, and all the recommended settings in spreadsheet form. The spreadsheet also includes the corresponding settings for configuring through Windows’ Mobile Device Management (MDM).
CSO Online has a writeup of six of the new security features in Windows 10. While these are not all of the security features with Windows 10, it’s a good start for checking out what’s available.
Among the new features that the Windows 10 Fall Creators Update offers are six new ways to enhance or better manage security settings. They include options to limit app access to your personal data and the ability to better protect folders, devices and executables, The step-by-step instructions below show how to make the best use of the new security features.
A few known issues to look at before updating, which may be a show stopper for you.
RSAT Package recommendation: When to use WS_1709 RSAT Package: When managing Windows Server, version 1709 When to use WS2016 RSAT Package: When managing targets older than Windows Server, version 1709 There are known issues that may impact RSAT functionality Issue: DNS Tools missing Impact: WS_1709 RSAT package users Resolution: Use the WS2016 RSAT package Issue: Cannot turn off individual RSAT components Impact: WS_1709 RSAT package users Resolution: Use the WS2016 RSAT package Issue: Tabs missing from MMC Properties Impact: Windows 10 clients before the Anniversary Update Resolution: Update to the latest version of Windows 10 client and reinstall RSAT Issue: Shielding Data File Wizard cannot create shielding data files Impact: Windows 10 Clients running the Fall Creators Update Resolution: Use the WS2016 RSAT package on Windows 10 Anniversary Update to create shielding data files for Windows shielded VMs, or the built-in RSAT tools in Windows Server, version 1709 to create shielding data files for both Windows and Linux shielded VMs. Issue: Template disks created from the Template Disk Wizard do not boot Impact: Windows 10 Clients running the Fall Creators Update Resolution: Use the WS2016 RSAT package on Windows 10 Anniversary Update to create template disks for Windows shielded VMs, or the built-in RSAT tools in Windows Server, version 1709 to create shielding data files for both Windows and Linux shielded VMs.
Microsoft has announced the newest Surface line – the Surface Book 2. A lot of new features, some higher specs including a configuration with a nice i7 and a GeForce 1060 GPU, all within a small and light case. A 13.5″ and a 15″ model are available with up to a 17 hour battery life (of course, what’s promised and what’s delivered are yet to be seen). As usual, this is some very beautiful hardware running Windows 10. What started with a mediocre device, a $900 million writeoff has eventually became one of the best devices available.
Those in the Fast Ring are now able to update to 17017, which begins the Red Stone 4 series of build. Not a whole lot of new features, numerous fixes. As usual – check the known issues to see if there is a show stopper for you!
If you are missing some Feature-on-Demand (FOD) packages such as Windows Media Player, please see this Feedback Hub post: https://aka.ms/Rsrjqn.
Using a swipe gesture with touch to dismiss notifications from the Action Center is currently not working. We’re investigating – for now you’ll need to use the clear all button, or use mouse/keyboard.
If you RDP into a PC running this build with certain GPU configurations, when you go to sign in to the PC locally it will appear stuck at a black screen with only the cursor available. If you let it sit for a bit, the PC will eventually recover and you’ll be able to use it normally.
The Microsoft OneDrive team is making some visual changes to OneDrive, which look pretty great in my opinion. This includes folders, file icons, etc. across OneDrive and Sharepoint.
Every day, millions of people rely on OneDrive and SharePoint to share documents, pictures, and countless other kinds of digital content. We’ve listened to your feedback and worked to create a refreshed experience to help you be even more productive. Today we’re proud to announce a new experience across web and mobile that makes finding what’s important to you easier, while keeping you better up to date with what is going on with your files. You will see all these changes hit your device and browser before the end of the year.
Yesterday was October Patch Tuesday. This time, Microsoft has 62 fixes being pushed. Brian Krebs has the lowdown on what is included with these new fixes. Always be sure to do Windows Updates and keep your system patched. An unpatched system is vulnerable to easy compromise.
Roughly half of the flaws Microsoft addressed this week are in the code that makes up various versions of Windows, and 28 of them were labeled “critical” — meaning malware or malicious attackers could use the weaknesses to break into Windows computers remotely with no help from users.
After October 10, 2017, Windows 10 devices running version 1511 will no longer receive security and quality updates. Microsoft recommends updating devices to the latest version of Windows 10 by visiting the Windows Security page and selecting Verify you’re updated to manually update your device . For additional info, check out the Windows lifecycle fact sheet.
Since version 1511 was released in November 2015, Microsoft has released additional feature updates that build upon each other, delivering the newest features and more comprehensive security. Windows 10 was designed as a service, whereby feature updates are required a couple times a year. For most consumers, both quality and feature updates are delivered automatically according to their Windows Update settings.
Today, Microsoft is launching the iOS and Android versions of it’s newest browser – Microsoft Edge. For those that aren’t familiar with it, it’s worth a try. For those that are, you either love it or hate it. The “Continue on PC” feature is one that I already use on the iPhone with Chrome, but I will definitely be using it with Edge.
We are excited to continue the work we announced at Build to make Windows 10 PCs work great with your phone. Microsoft Edge for iOS is available starting today in preview, with Microsoft Edge for Android available soon in preview. And, Microsoft Launcher is available starting today in preview as well. Continue on PC functionality in both apps comes with the Windows 10 Fall Creators Update.