Windows 10 support extended again: September releases now get 30 months

And Microsoft is offering enterprises dedicated app compatibility support.

Article intro image

Enlarge / Licensing is not really the easiest topic to illustrate. (credit: Peter Bright)

In its continued efforts to encourage corporate customers to make the switch to Windows 10, Microsoft is shaking up its support and life cycle plans again. Support for some Windows 10 releases is being extended, and the company is offering new services to help detect and address compatibility issues should they arise.

The new policy builds on and extends the commitments made in February this year. Microsoft has settled on two annual feature updates (the "Semi-Annual Channel," SAC) to Windows 10, one finalized in March (and delivered in April) and the other finalized in September (and delivered in October). Initially, the company promised 18 months of support for each feature update, a policy that would allow customers to defer deployment of feature updates or even skip some updates entirely. Going forward, the September releases are going to see even longer support periods; for Windows 10 Enterprise and Windows 10 Education, each September release will receive 30 months of servicing. In principle, an organization that stuck to the September releases could go two years between feature updates.

Customers of Windows 10 Home, Pro, and Pro for Workstations will continue to receive only 18 months of updates for both March and September releases.

Read 9 remaining paragraphs | Comments

Windows Defender Advanced Threat Protection coming to Windows 7 and 8.1

(credit: Jerry Raia)
Windows Defender Advanced Threat Protection (ATP), Microsoft’s security software that combines end-point security and data collection with cloud analytics, has hitherto been unique to Windows 10. But no longer; Microsoft announc…

(credit: Jerry Raia)

Windows Defender Advanced Threat Protection (ATP), Microsoft's security software that combines end-point security and data collection with cloud analytics, has hitherto been unique to Windows 10. But no longer; Microsoft announced today that it's bringing the same features to Windows 7 and Windows 8.1.

Coming this summer, the Endpoint Data and Response (EDR) portions of ATP will be available for these older operating systems, allowing their health and status to be managed through the cloud interface. This will be paired with either third-party anti-virus for endpoint protection or Windows Defender/System Center Endpoint Protection.

This move shows the contradictory position Microsoft finds itself in. On the one hand, Microsoft wants enterprises to deploy and use ATP, as it continues to build its cloud-based device management and monitoring software. On the other hand, Redmond wants those same companies to upgrade to Windows 10. This creates a tension: having ATP as a Windows 10 exclusive feature makes Windows 10 more attractive—Microsoft says that security is one of the major reasons enterprises cite for moving to the new operating system—but with many organizations still having Windows 7 and Windows 8.1 systems that they need to support, the inability to monitor those machines makes ATP less attractive.

Read 1 remaining paragraphs | Comments

Windows 10 will try to combat ransomware by locking up your data

Enlarge / Cryptolocker was one of the ransomware pioneers, bringing together file encryption and bitcoin payment. (credit: Christiaan Colen / Flickr)
The latest Windows 10 build, today’s 16232, contains a few new security features. In addition to th…

Enlarge / Cryptolocker was one of the ransomware pioneers, bringing together file encryption and bitcoin payment. (credit: Christiaan Colen / Flickr)

The latest Windows 10 build, today's 16232, contains a few new security features. In addition to the richer control over exploit mitigation that Microsoft announced earlier this week, the new build also includes a trial of a new anti-ransomware capability.

The long-standing approach that operating systems have used to protect files is a mix of file ownership and permissions. On multi-user systems, this is broadly effective: it stops one user from reading or altering files owned by other users of the same system. The long-standing approach is also reasonably effective at protecting the operating system itself from users. But the rise of ransomware has changed the threats to data. The risk with ransomware comes not with another user changing all your files (by encrypting them); rather, the danger is that a program operating under a given user's identity will modify all the data files accessible to that user identity.

In other words, if you can read and write your own documents, so can any ransomware that you run.

Read 4 remaining paragraphs | Comments

Windows 10 will try to combat ransomware by locking up your data

Enlarge / Cryptolocker was one of the ransomware pioneers, bringing together file encryption and bitcoin payment. (credit: Christiaan Colen / Flickr)
The latest Windows 10 build, today’s 16232, contains a few new security features. In addition to th…

Enlarge / Cryptolocker was one of the ransomware pioneers, bringing together file encryption and bitcoin payment. (credit: Christiaan Colen / Flickr)

The latest Windows 10 build, today's 16232, contains a few new security features. In addition to the richer control over exploit mitigation that Microsoft announced earlier this week, the new build also includes a trial of a new anti-ransomware capability.

The long-standing approach that operating systems have used to protect files is a mix of file ownership and permissions. On multi-user systems, this is broadly effective: it stops one user from reading or altering files owned by other users of the same system. The long-standing approach is also reasonably effective at protecting the operating system itself from users. But the rise of ransomware has changed the threats to data. The risk with ransomware comes not with another user changing all your files (by encrypting them); rather, the danger is that a program operating under a given user's identity will modify all the data files accessible to that user identity.

In other words, if you can read and write your own documents, so can any ransomware that you run.

Read 4 remaining paragraphs | Comments