The Fall Creators Update for Windows 10 debuts tools and changes that affect computer security. Here’s how to access them. Credit: Thinkstock Among the new features that the Windows 10 Fall Creators Update offers are six new ways to enhance or better manage security settings. They include options to limit app access to your personal data and the ability to better protect folders, devices and executables, The step-by-step instructions below show how to make the best use of the new security features.1. CortanaThe settings for Microsoft’s intelligent agent have been relocated to the Settings app. (When you click the Settings icon on the Cortana tool’s panel, it now jumps to the Settings app.) MicrosoftFind Cortana under Windows SettingsUnder the Cortana settings category, click “Permissions & history” to manage how Cortana accesses your personal information as you’re using Windows 10 and Microsoft online services. MicrosoftManage Cortana settings under “Permissions & history”2. Exploit guardEMET (Enhanced Mitigation Experience Toolkit) was a Microsoft tool which would prevent malicious code from exploiting security flaws in Windows systems. Microsoft retired it, but has implemented several of its features into the Fall Creators Update. Most of the tools of Exploit Guard are turned on by default. To see what they are and to adjust them individually, launch the Windows Defender Security Center app. (It’s listed on the app list in the Start menu.) Click “App & browser control.” MicrosoftClick “App & browser control” to access Exploit GuardScroll the panel down to “Exploit protection” and click “Exploit protection settings”. MicrosoftFind “Exploit protection settings” under “Exploit protection”Under “System settings,” you can turn off or on six exploit protection tools: control-flow guard, data execution prevention, force randomization for images (mandatory ASLR), randomize memory allocations (bottom-up ASLR), validate exception chains (SEHOP), validate heap integrity. MicrosoftTurn “Exploit protection” tools on or off under “System settings”Under “Program settings,” you can add an executable/program to tweak its functionalities to prevent it from being exploited by malware or intrusions. The 21 settings include the six under “System settings” and others such as block remote images, disable Win32k system calls, and validate API invocation. MicrosoftProtect executables from exploitation under “Program settings” MicrosoftSome of the 21 settings to protect from malware or intrusions3. PhoneThis is another new category in the Settings app, and it addresses a possible security issue. For example, your Android phone running certain Microsoft apps (like the Android app version of Cortana) can send notifications to your Windows 10 computer that you’ve authorized to receive from this phone.Under the “Phone” category, the Fall Creators Update adds an “Unlink this PC” function. You can click this to quickly cut off your Windows 10 computer from a linked phone. MicrosoftChoose “Phone” MicrosoftSelect “Unlink this PC”4. Protected foldersTo thwart ransomware or other malware from hijacking your files, the Fall Creators Update lets you restrict chosen folders so only apps that are considered safe by Microsoft, or that you have whitelisted, can access them. These apps will also be able to access and change documents (and other files) in these folders. You could lock down the Documents folder so that only Microsoft Word can access it.To use this feature, launch the Windows Defender Security Center app. Click “Virus & threat protection” and in the next panel “Virus & threat protection settings.” MicrosoftSelect “Virus & threat protection” MicrosoftSelect “Virus & threat protection settings”You’ll have to scroll down to see “Controlled folder access.” Click to switch this on. MicrosoftMake sure “Controlled folder access” is onClick “Protected folders” to open a list of folders that can be set for restricted access. By default, the Desktop, Documents, Favorites, Music, Pictures, and Video folders appear here. You can add other folders to this list by clicking “Add a protected folder.” MicrosoftAdd protected foldersWhen you turn on the controlled folder access switch, the Fall Creators Update automatically decides which apps are safe to allow access to the folders you’ve designated as protected. However, if this feature blocks a particular app that you know is safe, you can let it through by clicking “Allow an app through Controlled folder access.” MicrosoftAdd an allowed app5. Reset Microsoft account password from the lock screenIf you use a Microsoft account (like an email account from Outlook.com) to sign in to your Windows 10 computer, and you forget this account’s password, you can now recover it from the lock screen. (Previously, you could only do this from another browser capable computer or mobile device.)From the lock screen, click “I forgot my password.” This loads a recovery tool app. The email of the Microsoft account you used to sign in to your Windows 10 computer will be listed. (But you can enter in place of it another Microsoft account of yours to reset its password.) After passing the captcha, you can choose either to have a password reset number sent by text messaging to a phone or emailed to a recovery email address that you previously assigned to the Microsoft account. MicrosoftLoad the recovery tool appIf you selected PIN entry under “Sign-in options,” then you’ll see an “I forgot my PIN” option on the lock screen instead. You’ll be prompted to enter the password of your Microsoft user account that you used to originally sign in to this Windows 10 system. After this, you’ll be sent a text message or email with a code you can enter in this tool to reset your PIN. MicrosoftEnter your password6. Web browse more safely with Edge inside a virtual machineThis feature is only in the Enterprise edition of Windows 10, and your computer’s processor must be able to support Hyper-V, Microsoft’s virtual machine tool. If your system meets both requirements, the Fall Creators Update lets you open an Edge browser window that runs inside a virtual machine. If malicious code attacks the browser, it will be contained within the virtual machine and not spread to your computer’s main operations.This option for Edge isn’t available by default. The Microsoft Tech Community post “Windows Defender Application Guard Standalone mode” shows you how to turn it on.More Windows 10 security articlesHow Windows 10 data collection trades privacy for securityMicrosoft adds another layer to the Windows 10 patching onionThe paranoid user’s guide to Windows 10 privacyThe 10 Windows group policy settings you need to get rightMicrosoft unveils a bonanza of security capabilities Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills Careers Security news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe