Windows Creators Update to improve Defender’s detection and response

Microsoft is continuing to update its Windows Defender platform and will issue a big overhaul to some of its functions in the upcoming Creators Update. Specifically, it will improve the ways in which the anti-malware software detects, investigates and responds to a range of threats from different actors.

Along with Windows Firewall, Windows Defender is seen by many as the baseline of defense for a Windows-based PC. It can go hand in hand with third-party antivirus and anti-malware products, but Windows Defender is the first and last step in protecting many millions of systems the world over. So, keeping it updated and capable of tackling the latest threats is rather important.

In the Creators Update, Microsoft will update Defender’s ability to detect memory and kernel intrusions, where attackers could typically hide from traditional detection methods. Microsoft claims to have already leveraged this ability to prevent new zero-day attacks on Windows and has used machine learning to counter the changing trends in attack vectors.

Customers can even add in their own indications of intrusion to augment the detection dictionary.

Opening up the anti-malware process to consumers is a major part of the changes Microsoft is making in the Creators Update. When it comes to threat investigation, Microsoft has added a “single pane of glass across the entire Windows security stack.” In essence, everyone will be able to see what Windows Defender is doing: what it’s blocking, what it’s quarantining and what it’s keeping an eye on.

All of that will be available within a single view to make it easier for security teams to analyse potential and historic threats to the system. This should enable a deeper understanding of the types of attacks coming in, which makes it easier for security professionals and end users to prevent further attacks in the future.

IT managers will be able to look at up to six months of logs for an entire organization’s cloud-connected systems, to provide historic context for any studied attacks.

Giving those same security professionals additional power to combat ongoing attacks, Windows Defender’s updated response system will give them manual controls for isolating machines, banning certain files from the network, and killing and quarantining certain processes or files.

All of that and more will be added as part of the upcoming Creators Update. If you’d like to try it out now, you can start a free trial with the Advanced Threat Protection system today.

Jon Martindale