Patch Lady – best security features of 1809

Topic

New Reply

1809 may have some bugs that need to be worked out, but once it is fixed up, there are some security goodnesses in it that are worth mentioning.  And
[See the full post at: Patch Lady – best security features of 1809]

Susan Bradley Patch Lady/Prudent patcher

3 users thanked author for this post.

rc primak, Kirsty, woody

Reply | Quote

Replies

I have always thought that Windows 10 is excellent, and getting better, from a security perspective. I believe that just about all the telemetry (or maybe all of it) is gathered for the purpose of making Windows 10 better and more secure.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

It’s a total disaster in matter of security and privacy looking from a technical standpoint. Windows is insecure by design, based partly on technology of around 20 years old. The security measuseres introduced are just patches to shield of the vulnerabilities. There are so many of those that monthly patching is required. Other operating systems are much more modern and designed from the ground up as secure. That’s the case with Unix, Linux, macOS, iOS and even (more recent versions of) Android. Basically indirectly all family of eachoteher. Under Windows, it will be always a race between bad guys and good guys to plug holes. A modern, secure by design OS has much less of those troubles. And if a leak is discovered, first of all it will be very difficult to abuse and easy to repair. Just because of the whole inner workings that are clean, modular and easily adjustable.

1 user thanked author for this post.

rc primak

Reply | Quote

Just to be fair, Linux has some long-ignored security vulnerabilities of its own.

-- rc primak

Reply | Quote

@mrjimphelps yes I concur in the light of the ongoing and recent indiscretions with data around the web Microsoft is either strangely aloof or not a mention of being embroiled in, or not linked to any Data being “Harvested” or hawked around the Web for sale to the highest bidder.
There are a couple of annoying Ads using UWP Apps mainly for M$ products and services and occasional local products proffered to the Region you allow your Win10 machine to be identified as being located in but nothing you cant turn off in Settings or use 127.0.0.1 (or 0) in your hosts file, but you need to keep on top of it otherwise they creep back if that’s a persons particular “Pet Peeve” I am fairly careful and exercise a great deal of frugality when putting any personal details online so maybe that’s why I have never been pestered with or ever “caught” a Virus or Malware, avoiding Shady “Something for Nothing” web sites may have helped over the years. Not since probably early XP days when I could say for sure I had been hit. Win10 seems like its continuing that trend, although for some reason it keeps flagging a couple of Bios Mod Tools specifically the Binary files, which have to be excluded alas from AV scans, although not really a worry as they are from a reputable source. So no concerns for Win10 1809 on that front apparently yet just the “niggly” seemingly “oldy but goody” Network issue with Realtek Family Network card (probably driver/Win10 incompatibility seemingly started Win10 1709) and of course the extraction of zip files irregularity lack of prompts/failure to overwrite, that’s it so far so good for Win10 1809 still a few Months before I decide to “jump ship” from 1709 to either 1803 or 1809.

Reply | Quote

Susan,

Now list for me all the security exceptions, disabled security features etc. required to make customer’s applications run.

 

1 user thanked author for this post.

rc primak

Reply | Quote

I haven’t disabled anything and my applications run.  What issues are you seeing?

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

Susan Bradley wrote:

Finally, disabling Advanced Graphics improves video and graphics performance with Hyper-V virtualization technology.

I think this should say, “… does not improve …”.

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

a cloud based forensic review service that allows one to gain more inside into the innards of the operating system

Insight?

-- rc primak

Reply | Quote

Obviously I need editors like you 🙂

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

Jan K., rc primak

Reply | Quote

I still insist on never putting all my security eggs in one basket. I use third-party antivirus with Windows 10 Pro, and I do not trust “crowd-sourced” or “cloud-sourced” heuristics in a security setting. In Linux I use ClamAV, and in Windows I use third-party antivirus and second-opinion scanners, as well as Microsoft’s own scanners. But not MS’s first-line defenses. Those I do not trust to Microsoft, and independent testing still bears me out on this.

Since I use the Google Chrome browser, I would rather let Google and its partners look after browser security than Microsoft and their partners. In both cases, third-party extensions are my preference.

-- rc primak

Reply | Quote

rc primak wrote:

I use third-party antivirus with Windows 10 Pro, … But not MS’s first-line defenses. Those I do not trust to Microsoft, and independent testing still bears me out on this.

Windows Defender on Windows 10 has been a “Top Product” in independent tests for most of this year:

AV-TEST Product Review and Certification Report – Windows Defender – May-Jun/2018

AV-TEST Product Review and Certification Report – Windows Defender – Jul-Aug/2018

Windows 11 Pro version 22H2 build 22621.2361 + Microsoft 365 + Edge

Reply | Quote

You don’t have to use windows defender – there are some third party enterprise level a/vs that are playing nice nice with the ATP stuff.  The cloud forensics is very cool and very informative.  My wish is that they bring this down to all versions of Windows 10.

Susan Bradley Patch Lady/Prudent patcher

2 users thanked author for this post.

woody, rc primak

Reply | Quote

I’m not saying Windows Defender hasn’t improved. In fact, recently it has become quite decent. I still prefer not to put all my security eggs in one basket. This is largely a personal choice, not a value judgment.

BTW, it isn’t difficult to be a “Top Product” in those tests. However, any “Top Product” probably will do the job. As long as everyone has something, I won’t argue further over which is good, better or best.

I agree with Susan that bringing Cloud Intelligence (ATP Forensics) down to the Pro and Home editions of Windows Defender would be a great addition. Even though I am skeptical of Cloud AV, since that is sometimes synonymous with Crowd Sourcing, which I do not trust one bit. (The Wisdom of the Crowd is vastly overrated. Look at the Crowd during the French Revolution and thereafter, as described by sociologist LeBon. I think we can also find modern parallels.)

There’s good Cloud Intelligence and there’s bad Cloud Intelligence. Microsoft has for Enterprise users, a good model. Let’s encourage them to bring this model to Pro and Home users.

-- rc primak

1 user thanked author for this post.

woody

Reply | Quote