Windows Creators Update to improve Defender’s detection and response

Microsoft is continuing to update its Windows Defender platform and will issue a big overhaul to some of its functions in the upcoming Creators Update. Specifically, it will improve the ways in which the anti-malware software detects, investigates and responds to a range of threats from different actors.

Along with Windows Firewall, Windows Defender is seen by many as the baseline of defense for a Windows-based PC. It can go hand in hand with third-party antivirus and anti-malware products, but Windows Defender is the first and last step in protecting many millions of systems the world over. So, keeping it updated and capable of tackling the latest threats is rather important.

In the Creators Update, Microsoft will update Windows Defender's ability to detect memory and kernel intrusions, areas where attackers could typically hide from traditional detection methods. Microsoft claims to have already leveraged this ability to prevent new zero-day attacks on Windows and has used machine learning to counter the changing trends in attack vectors.

Customers can even add in their own indications of intrusion to augment the detection dictionary.

Opening up the anti-malware process to consumers is a major part of the changes Microsoft is making in the Creators Update. When it comes to threat investigation, Microsoft has added a “single pane of glass across the entire Windows security stack.” In essence, everyone will be able to see what Windows Defender is doing: what it’s blocking, what it’s quarantining and what it’s keeping an eye on.

All of that will be available within a single view to make it easier for security teams to analyse potential and historic threats to the system. This should enable a deeper understanding of the types of attacks coming in, which makes it easier for security professionals and end users to prevent further attacks in the future.

IT managers will be able to look at up to six months of logs for an entire organization’s cloud-connected systems, to provide historic context for any studied attacks.

To give those same security professionals additional power to combat ongoing attacks, Windows Defender’s updated response system will provide manual controls for isolating machines, banning certain files from the network, and killing and quarantining certain processes or files.

All of that and more will be added as part of the upcoming Creators Update. If you’d like to try it out now, you can start a free trial with the Advanced Threat Protection system today.

Jon Martindale