What’s new in Windows Defender ATP Fall Creators Update

Discussion in 'other anti-malware software' started by ronjor, Jun 27, 2017.

  1. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    No kidding! And sadly, all they had to do in W8 was make the new Metro UI optional. Even if they decided to make it the default, if they gave users the option to bring back a W7 type desktop, I believe W8 would have been well received. It was, after all, a great OS under the hood.
    I don't have a problem with that. With PC sales declining and more and more users moving to mobile devices exclusively, it makes good business sense to try and get a toehold in the mobile market too. They just assumed users would blindly follow them (or rather, put up with being dragged along). If you "offer" people change, they are much more likely to embrace it. If you try to shove it down their throats, they will balk or totally refuse.
    Oh I think they have swallowed their pride and admitted their mistake now. W8 was a total flop. W8.1 was a futile attempt to fix it, but it was too little too late. The damage was done. While W10 still uses tiles, it at least has a start menu and is more configurable.
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Well you didn't allow for much if any argument with those replies. At least you won't get one from me.

    I still use and actually am extremely fond of Windows 8/8.1 but you have to remember, this is coming from a long holdout on XP. Windows 7 just wasn't my cup of tea compared to XP in spite of the improvements added.

    However once transitioned over to Windows 8, I too was reasonably skeptical but nowhere near as much as the fuss as the masses who balked to the extreme over it. Although those expressions were completely in order given what we all were used to before as Windows end users.

    Since already long active within the customizing community (or used to be anyway) there were plenty of workarounds to get desktop back in a flash and best of all many useful XP customizations were just so easily ported over to 8. Windows 7 too I guess, I will never know on that one.

    Want to learn something funny? I am likely one of the very few that has absolute zero experience with Windows 7 aside from helping some folks with malware removals from their machines. I mean I felt I didn't even really need it period after going straight to 8 from XP anyway and felt Windows 8 was well ahead of the curve so-to-speak in other areas I like best such as less explorer crashes and a bit more zip.

    Windows 10 is altogether a whole different experience that while still in its infancy IMO, I best reserve serious comment either way on it until they get the thing finally sewed up to the final version with more stable security features and for pity's sake, find some way to relieve the apprehensions that the telemetry issue is bringing up for so many.

    Windows Defender improvements should be an interesting watch as they work to pinpoint more avenues to better integrate it without something bringing the whole scene to a halt through a vulnerability or what have you.
     
    Last edited: Jun 30, 2017
  3. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Well, I never migrated to Vista. I stuck with XP until W7. I did migrate a couple of systems to W8 but immediately installed Start8 on them when that became available - then I really liked W8. But when W10 came out I migrated all my systems to W10, and built myself this system with W10 from the start. And most of my clients are up to W10 too.

    As far as W10, not sure what you mean by "more stable security features". I've seen no problems there. All my systems and most clients, friends and families use WD and Windows Firewall, with Malwarebytes on demand just to be sure. And none have been unstable, or compromised.

    But note too, W10 will always be evolving. So there will never be a final, sewed up version. That's why it is marketed as the last Windows you will buy.
     
  4. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,874
    True to a point. Windows is now a rolling version product - it gets continually updated so you never have to install a new version.

    You only need to do it with Windows Enterprise LTSB which is a fixed release product.
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Guess I should rephrase that.

    When referring to "more stable security features" it's not actually so much a question of stability per se (those so far are ok as you point out) as that does seem to suggest, but to be more specific, the addition of "MORE" security features equally as stable wherein even custom mitigations can be readily accessible through the same interface with exception of course of the Group Policy Manager etc.

    Didn't intend to imply it any other way but I see where it is easily mistaken that way.

    However I, for one, don't for a single moment of time subscribe to the suggestion or opinion that Windows 10 will be a last version.

    Given the history to date you can expect them to announce at some point in time another new version, yet again, however they choose to frame such a projection where it gets received as tech news. My own opinion of course.
     
  6. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Okay, but Windows Enterprise is almost exclusively used in a corporate or "enterprise" environment. But still, as it stands right now, there will never be a Windows 11, Windows 15 or whatever. What I see might happen is the numerical distinction disappearing completely. That is, there will just be "Windows".

    Those are happening. But I think it important to note that users of WD to this point have not been infected any more than those using security alternatives have. And the recent ransomware threats were totally negated BEFORE their arrival simply by keeping Windows 10 updated. Only those using older versions of Windows, and those who failed to keep W10 updated were affected. So the desire to wait for more "layers" seems to me to be a moot point. MS has, IMO, done a great job of staying on top of it. Users just need to be more "security aware" and disciplined. And users need to set aside their biases and finally accept that Microsoft is taking their security and safety seriously.

    As far as there being a new version of Windows, there is this: Why Microsoft is calling Windows 10 'the last version of Windows'. That said, there is nothing stopping them from discontinuing Windows completely and coming out with an entirely new operating system.

    But much will depend on the hardware industry. They traditionally have been way ahead of the software/OS industry. 64-bit capable hardware, for example, has been around since the 70s but it took until Windows 7 before 64-bit finally became popular and more and more developers put out 64-bit versions of their programs.
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    I don't think that they really had much choice as an industry leader with the way things were shaping up on their end and more importantly over these past months without jeopardizing their rep.

    You have to understand they are still trying to make up ground for the Windows 8 rollout which wasn't exactly as planned for them.

    With all the pressure focused directly at them lately you have to give credit where credit is due so far as the Win 10 Windows Defender security improvements are concerned.

    The privacy aspect of things is also a whole different angle and one that I still wait to see what eventually flushes out in that debate.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Major privacy watchdogs worldwide are concerned about data collection in Win 10, but people are supposed to dismiss this because Ed Bott and Bill Bright said so, what a joke LOL. The only thing interesting about that link are the comments where the author is getting hammered. But to be fair, it's not clear to me if Win Defender collects data even if you disable the cloud scanning feature.

    http://www.reuters.com/article/us-microsoft-dataprotection-eu-idUSKBN15Z1UI
    https://www.cnil.fr/en/windows-10-c...oft-corporation-comply-french-data-protection
    https://www.eff.org/deeplinks/2016/...-disregards-user-choice-and-privacy-deep-dive

    The only companies that should know everything about my online behavior are my ISP and Google and I'm cool with that. My OS and apps have no business monitoring stuff like which sites I visit and which apps I'm using. And I'm not buying into this "not personally identifiable" stuff, it's very naive to think they can't profile you. And it's about the principle, I'm not even using tools like TOR and VPN.

    You don't have to worry about me, I can probably stay safe on Windows XP, without any AV. And Win 8 is secure enough for me.
     
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Since when can an OS not function without phoning home?

    Actually, I like to think I have disabled all of the tracking, but let's face it, without constantly monitoring network connections you never really know for sure. That's why I say "most", but on Win 10 it's a lot worse.
     
  10. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Their rep was already severely damaged by W8. They have never fully recovered from that fiasco.

    But frankly, it does not help when wannabe journalists and bashing bloggers exaggerate, twist, sensationalize or even make up stories just to get attention.
    Google "should" know all your online activities? o_O And you're cool with Google knowing everything? o_O Wow! I don't see how you can be more misguided here.

    My recommendation to you Rasheed is to IMMEDIATELY format your drives and install Linux.
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Nope, I'm quite content with Win 8. And what I meant was that because of the services that Google and ISP's provide, it's logical that they know everything about your online behavior. But that doesn't mean I want them to track me. But anyway, to stay on topic, Windows Defender Exploit Guard sounds interesting, I wonder if this will also be included in the Windows versions for home users.
     
  12. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Oh bull feathers! It is not logical at all. The ONLY reason they want to know our on-line behavior is so they can capitalize on it for their profit. They don't need to know I was shopping for a new power supply. They only need to know how many packets were dumped and the cause of any latency issues.
    Not initially. Perhaps next year in the Spring Creators Update.
     
  13. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    I never said it wouldn't function. But rather functioning correctly.

    https://docs.microsoft.com/en-us/windows/configuration/windows-diagnostic-data
    Microsoft collects Windows diagnostic data to keep Windows up-to-date, secure, and operating properly

    https://privacy.microsoft.com/en-us/windows-10-feedback-diagnostics-and-privacy
    As you use Windows, we also collect diagnostic information which helps us find and fix problems, improve our products and services, and provide you with personalized experiences


    I remember when I first upgraded my Windows 8.1 to Windows 10. Everything seemed fine except for a problem with videos due to the hardware acceleration. I had to disable hardware acceleration on videos for them to play properly. But suddenly one day I noticed the problem was fixed. I didn't do anything, I didn't reset my computer or update drivers. It was fixed. I assumed that Microsoft received the data regarding my issue and fixed it themselves.
     
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Nice of Microsoft to mention this:
    Whereas post-execution mitigation might detect the attack activity mentioned, the malware is already executing and may have installed other "nasties."

    Additionally, the latest strains of malware no longer need to perform memory based .dll injection via process hollowing which BTW is rather "noisy." The current malware strains have the capability to directly inject the .dll into an active process's memory and execute it.
     
    Last edited: Jul 13, 2017
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,059
    Location:
    Texas
    Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware
     
  17. guest

    guest Guest

  18. metmichallica

    metmichallica Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    183
    I like Microsoft, but found out I couldn't use their antivirus on my one computer anymore because it runs Vista. I wanted to use Norton, but Norton wasn't working with either computer. Left with nothing to use I used the preinstalled Windows Defender on Windows 10 plus Zemana plus Malwarebytes and Malwarebytes and Zemana Antimalware on Windows Vista.

    Today I happily use Norton on both computers along with Zemana Antimalware. The other day I finally went to Symantec chat and they took control over both computers and fixed Norton on both of them. My only regret is I didn't go to them sooner.

    Microsoft might be good, but they are in everything. How can you be sure they are giving it their all? (Symantec, McAfee, Kaspersky, ESET, etc.) Security is all they do and that's why you can be sure they are giving it their all.

    Edit: By the way I don't pay for Norton. I get it free from my ISP.
     
  19. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    :( It seems like you did not read through this thread before joining and posting your comments as your questions have been answered already.
    Microsoft is hardly into everything, but they are into a lot. But you are implying they are stretched too thin. With more than 120,000 employees, that is just not true.

    How can we be sure they are giving it their all? As I already mentioned, because they will get blamed anyway so they must strive to produce an effective anti-malware solution, if for no other reason than to avoid the bad press and bad publicity. Please read my post #13 on page 1 and remember, ONLY Microsoft has the true financial incentive to stop malware. Your Norton, McAfee, Kaspersky, ESET, etc. all need malware to thrive or they will go bankrupt. So clearly, Norton, McAfee and the others have, at the very least, the "appearance" of a conflict of interest that interferes with your notion they will be "giving it their all". :cautious: If they were giving it their all, why didn't they stop malware way back when they went whining and crying to Congress and the EU that it was their job to do so?

    Microsoft, on the other hand, really does give it their all because if WD fails to protect Windows and its users, the bashings from the Microsoft haters and irresponsible wannabes in the IT press will be relentless, just as it was for over 10 years with XP - even though it was the bad guys perpetrating the offenses, users who failed to keep their systems updated, and the failure of Norton, McAfee, AVG, ZoneAlarm, BitDefender, Kaspersky, et al to block them. :(

    You are not getting it for free - your ISP just wants you to believe that they are giving it to you. You are still paying for it through increased monthly fees. And don't think for a second that Norton is not gathering telemetry on your Internet usage either. I am not saying they are spying on you, just collecting telemetry like everybody else. For the record, my ISP has a similar offering with McAfee Security Suite Plus. But I don't use it because I don't need that extra bloat and all the extra features I don't want and that don't protect me any better.

    And once again, I am NOT saying Norton, McAfee, Zemana and the others are not good. They get the job done just fine. But so does Windows Defender and Windows Firewall and they are already in Windows.

    And as a side note, it really makes no sense for you to have both Zemana and Malwarebytes installed. This is especially true if both are running real-time components. One or the other is fine as a supplemental scanner - something needed regardless of your primary scanner of choice.
     
  20. plat1098

    plat1098 Guest

    Berating third party security and those who use it when malware/anti-malware is about as firmly established as human disease is an exercise in futility. It's like saying everyone should go to the same medical facility because that's all you need. The third parties merited their rights to be here untold times over. Checks and balances.

    Microsoft had better have gotten its act together with its proprietary anti-malware, particularly after the NSA leaks. Windows Defender is a good foundation for my computer's security but it won't be operating alone anytime soon and one should know why. It's called "choice" in the security software marketplace. Many like me regard a computer as an investment, not a toy.:) Can't the pro-Microsoft people respect that?
     
  21. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Who's berating third party security? I specifically said the products do a fine job. And nobody here berated those who use it - so I think you need to cool your jets before suggesting otherwise.
    :argh: So berating first party software is okay? And "proprietary"? Come on! That's just silly. Like all the other programs are not proprietary? :rolleyes: They all use proprietary code.

    As for the treasonous acts :mad: resulting in the NSA leaks, don't forget that Microsoft released updates protecting Windows from such threats BEFORE the Wannacry and other malicious attacks happened. If those affected users and admins had applied those updates in a timely manner, the attacks would have been thwarted before they even started.

    Of course we can, and do. I certainly feel it is not only an investment, but a necessary tool for me to "manage" and conduct my personal life in terms of banking, communications, work, and more. And furthermore, Microsoft fully understands that too. Once again, ONLY Microsoft has the vested interest to totally thwart malware. Can't the tinfoil hat wearers and anti-Microsoft people respect that?
     
  22. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
  23. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    4,041
    Location:
    Nebraska, USA
    Malicious data can run in memory before being saved to disk, deliver its payload, or do any actual damage.

    You can think of it like police profiling - only legal. The anti-malware police are constantly patrolling your RAM looking for activity that does not seem quite right. When it sees something, it temporarily blocks that code from further activity, then calls in to check with the cloud protection service to see if there is any additional information on that code and from there, will determine if the code is safe, or still suspicious/malicious and take the [hopefully] proper action from there.

    Of course, the bad guys are clever too and constantly looking for ways to "blend in" with the crowd. Just like thwarting terrorism in NYC. Law Enforcement has to be right 100% of the time, while the bad guys need to get it right only once to create havoc. So it is a never ending battle with never a guarantee the bad guys will never win. But like the NYPD and their partners, WD is pretty darn good at their jobs.
    It would be even better if it can be blocked at the source, before it is uploaded to the Internet. Sadly, ISPs and the big communication carriers, Norton, McAfee, Kaspersky et al don't want that responsibility and Microsoft cannot do it alone.
     
  24. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    @Bill_Bright - Surely, Bill, you are not that naïve in reality.

    It apparently has been ONLY Microsoft that has ever also? had a vested interest in seeing malware continue to keep the chain alive and rolling the O/S series along in an endless loop of advertising the next better and best ever Windows and lah dee dah as well as keep up the commercial AV industry etc. Business begets business methodology.

    You know full well that after all this time and all the earlier versions that to seal up ALL the potential pitfalls and avenues of exploration (inside their released creation) would be to their exact opposite means and disadvantage.

    IMHO the security aspect of windows was fashioned to begin with as a simple enough framework without any real solid security/privacy protection from the onset to help inspire and create new educational opportunities and security industries that you enjoy today in major Commercial AV as well as Regional Third Party Vendors etc. and to that end it has largely been a success.

    You must remember M$ by definition is an O/S manufacturer never particularly concerned with either security or privacy aspects of Bill Gates's brainchild.

    They are not in the security business per se but now it has fallen to them to conduct some form of damage control courtesy Leaked NSA Exploits etc. from driving their depreciation to a point of no return.

    In conclusion I will just add that they are walking a fine line with forcing that Telemetry and might serve them far better as an industry to forego and otherwise cancel that design while there is still time for them to do so.

    End users and businesses alike may not be as forgiving as some of us who can see the whole picture and people in general have picked up the pace themselves from media reports (Leaked source code, nsa exploits etc) in drawing their own conclusions from a matter of privacy concerns standpoint.
     
  25. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Just by typing "M$" instead of MS or Microsoft shows how non-serious you are in this discussion.
     