Skip to main content

Windows 10 Anniversary Update to include lots of security improvements

Microsoft has posted more details on how the upcoming Windows 10 Anniversary Update will include a number of security improvements for the OS. The update will be released for free to all Windows 10 users on August 2.

In a blog post, Rob Lefferts, Microsoft's Director of Program Management, Windows Enterprise and Security, goes over some of those security upgrades. One of them is that the TPM (Trusted Platform Module) 2.0 will be available for all PC OEMs to use in their hardware products:

Now with the Windows 10 Anniversary Update, Windows Hello's biometrics validation components and the user's biometric data will be moved into this environment to help further ensure this data remains secure from the most advanced threats.

The Microsoft Edge web browser will get some more security improvements for the Windows 10 Anniversary Update:

  • The use of our AppContainer sandboxing technology enables us to isolate the browser from the rest of the OS, apps and user data.
  • A new plug-in model prevents plug-ins implemented with insecure designs from running.
  • New mitigations in ASLR and Control Flow Guard harden the browser from code injection and memory corruption attacks to help defeat common exploit techniques, such as heap spraying and ROP.
  • Untrusted and malicious fonts that were served by web pages and embedded in docs are now blocked and the font parsing code has been sandboxed.

The Windows Hello biometric sign-in feature that launched with Windows 10 will also get some improvements for the Anniversary Update:

We have fully integrated Windows Hello into one seamless stack. The integrated code base in Windows Hello will support the full range of biometric authentication factors and manage user credentials used for authentication.Today, Windows Hello requires enrollment of the user's identity on each and every device they want to use. However, some organizations have requirements that prevent the enrolment of user credentials onto a PC or mobile device. Those users can now take advantage of Windows Hello Companion Devices and Apps, which enable the Windows Hello factors of authentication and the credentials themselves to be distributed across devices in nearly any possible configuration.

Enterprise users of Windows 10 will be able to access the new Windows Defender Advanced Threat Protection for the Anniversary Update:

Building on the existing security defenses Windows 10 offers today, WDATP provides a new post-breach layer of protection to the Windows 10 security stack. With a combination of client technology built into Windows 10 and a robust cloud service, it will help detect threats that have made it past other defenses, providing enterprises with information they need to investigate breaches across endpoints, and offer response recommendations.

27 Comments
  • What cost for w10 would be given by win7/8 users after 29 July ?
  • Full price like now.
  • Same cost as all Windows-versions in the past. It also depends on which SKU you are buying. It is a minimum of $100.
  • After July 29 2016, W7 and W8 users will have to pay $99-$299 for the upgrade
  • More biometric logins on the web ASAP please! I am so over creating new passwords for every single site and service and having to manage them even with nice programs like Lastpass and the like.
  • Really good updates. Will switch to Edge as my prime browser after updates will be implemented, together with pluging functionality.
  • I will switch to Edge when ad block comes out for it
  • It already has! You're literally just waiting for the same update as the guy above you. Posted via the Windows Central App for Android
  • I know about the program version but its crap and seriously slows the browser. I am starting to like Brave browser which is very fast and clean.
  • I've not had issues with it. Literally the only problem I've been having with Edge is it doesn't navigate to the webpage I entered after Edge first launches. I either have to wait a moment or do it twice. Windows Central Universal Application for Windows 10
  • Its a SHAME MS for releasing buggy OS to their non-insiders, what is the use of purchasing high end mobiles for $600 and still get unfinished OS ? ? MS is releasing updates to Fast/Slow rings too frequently but failed to improve its official builds..... Pls celebrate Win10 Anniversary only when u resolve the basic issues of ur Mobile users.....
  • What issues? My 930 runs just fine, just as smooth as 8.1
  • Agree, my L1520 is working all good, no issues at all, i will miss the messaging everywhere after this new build that came last night, rest is all good, looking forward to a better messaging everywhere in skype this time, like MSFT promised in the post last night.
  • It consume hell of a battery, battery backup is still less, finishes within 12 hrs with moderate usage. App crashes if u use any app for 5-10 mins, App scaling issues if u have notification bar, I think 930 comes with built in mobile so np.....
  • My 950XL works perfectly... What issues exactly?
  • Seconded, my 950XL works smoothly and always has.
  • I upgraded my Icon from 8.1 to Windows 10 for Phone and it's fantastic. Not buggy.
  • My Release Preview Lumia 830 has almost consistently run smoother than my Fast Ring Lumia 640 until very recently. Posted via the Windows Central App for Android
  • I'll try it and see if I like it. I haven't used any of the Insider Builds since they released Windows 10 to everyone. Off & on since it's been out I've had occasions where I hate it. I don't like the way Microsoft is more interested in releasing new features, before they fix existing bugs first. Also what's the point of them owning Skype, if they're not going to add improvement to it?? Oh yeah, well you'll have to wait more time for messaging in Windows 10. Why can't the Mail app, Office 2013 or Office 2016 work with a Gmail account properly? They kill Windows Media Center and give us Movies & TV as a replacement? Why the hell can't we use our tv tuner's in it to watch or record tv?? DUMB MICROSOFT Still alot of things they need to do. I'll also bet the installed devices count is a huge lie, too. For instance as a insider anytime a new build is released they keep tallying those installs, when it's 10+ installs on one pc/laptop or tablet. Same thing thing happens too on Windows 10 RTM versions Personally to me there's only 3 thing Windows 10 really has, that I didn't have in Vista, 7, 8 or 8.1, Cortana, Virtual Desktops and DirectX 12. As far as DirectX 12 goes, we may not need it thanks to the corsortium for Vulkan. Nvidia, AMD and Intel are all member's of it, so DX 12 may not truly matter.   
  • They are improving Skype... They're even moving the entire program over to the modern runtime. You have to ask Gmail why their service is not working good with other software. Movies & TV and WMC is not the same service. M&T is a media player with support for exploring and buying additional content whereas WMC is a media center. There are third-party media centers available though, isn't there? The usage was too small to excuse the cost of developing it. Simple business practice. The installed device count is not a lie... Why would it be? No, they aren't adding up insiders. One install, not upgrades or insiders. W10 has a lot more than what you might think you might have had in Vista-8.1. Most things happen under the hood and there has been a lot of security upgrades over the years that aren't available on old devices. You simply do not know enough to know the difference. DX12 will continue to be as important as DX has always been.
  • About media centre: That's not dumb, its sorting out their priorities. They had to pay a license fee for every copy of windows sold before, regardless if the user used media centre or not. And to tell you the truth, most didn't. So instead of doing that, they killed it to save them some money and save the end user some money, because most people who were buying it didn't use it. Movies and tv also costs them this license fee, but only for those who had media centre, so the average user who doesn't even know what media centre is, MS doesn't have to pay for them And if you look around on the internet you can find workarounds to get media centre on windows 10. And btw windows 10 has a ton more features than 7. It has apps, yes a whole store full of apps, without which you wouldn't have mail and calendar at all. It has much better touch support, works better on low memory devices, has a much cleaner and constantly improving ui, has cortana as you mentioned, has dx12 as you mentioned, has virtual desktops as you mentioned, has live tiles, new start menu, new browser which is soon to become more feature full with extensions. Need I say more? Oh yeah, and its free. In the past, people have paid lots of money for updates as big as this, me included. I wonder how many would have installed it had it not been free
  • Gmail works fine with the mail and calender app...
     
  • At least security improvements are still making it to the update... That's something I guess
  • No sane enterprise should rely on Windows Defender.
  • Defender is fine and appropriate for an individual PC. Microsoft also offers perimeter defense options for enterprise. (Nothing wrong with third-party defense options either, but Defender runs better and more sealessly while using fewer resources in my experience)
  • Many SMBs rely on Windows Defender given the high cost of 3rd party tools to license, manage and install and all the 3rd parties suck IMHO.  I work at a large company that uses McAfee and at times it sucks all the life of my laptop to the point that I cannot even recieve email. 
  • Still no Word Flow for us tablet users. Nice!