Among the new features that the Windows 10 Fall Creators Update offers are six new ways to enhance or better manage security settings. They include options to limit app access to your personal data and the ability to better protect folders, devices and executables, The step-by-step instructions below show how to make the best use of the new security features.
1. Cortana
The settings for Microsoft’s intelligent agent have been relocated to the Settings app. (When you click the Settings icon on the Cortana tool’s panel, it now jumps to the Settings app.)
Microsoft
Find Cortana under Windows Settings
Under the Cortana settings category, click "Permissions & history" to manage how Cortana accesses your personal information as you’re using Windows 10 and Microsoft online services.
Microsoft
Manage Cortana settings under "Permissions & history"
2. Exploit guard
EMET (Enhanced Mitigation Experience Toolkit) was a Microsoft tool which would prevent malicious code from exploiting security flaws in Windows systems. Microsoft retired it, but has implemented several of its features into the Fall Creators Update. Most of the tools of Exploit Guard are turned on by default. To see what they are and to adjust them individually, launch the Windows Defender Security Center app. (It’s listed on the app list in the Start menu.) Click "App & browser control."
Microsoft
Click "App & browser control" to access Exploit Guard
Scroll the panel down to "Exploit protection" and click "Exploit protection settings".
Microsoft
Find "Exploit protection settings" under "Exploit protection"
Under “System settings,” you can turn off or on six exploit protection tools: control-flow guard, data execution prevention, force randomization for images (mandatory ASLR), randomize memory allocations (bottom-up ASLR), validate exception chains (SEHOP), validate heap integrity.
Microsoft
Turn "Exploit protection" tools on or off under "System settings"
Under "Program settings," you can add an executable/program to tweak its functionalities to prevent it from being exploited by malware or intrusions. The 21 settings include the six under "System settings" and others such as block remote images, disable Win32k system calls, and validate API invocation.