Windows 10 and Application Guard
New Windows 10 version shows ‘Application Guard’
The Windows 10 Insider Build 16188 delivers new features in the standard Edge and PDF browser. In addition, a new application security over containers isolates individual browser windows and ensures more security.
In the current preview version, Microsoft is showing new features from Redstone-3. Especially with the standard browser edge integrated in Windows 10 Microsoft provides with the Preview Build 16188 for new features. The preview is only available for participants of the Windows Insider program.One new feature is that PDF files can be annotated and PDF-based forms can be filled directly into Edge.
With Windows Defender Application Guard, the Edge browser provides a new level of security to protect businesses from targeted attacks. Microsoft has developed this under the code name Barcelona based on virtualization. Potentially harmful code is to be isolated in containers, thus preventing distribution in the network. Microsoft wants to provide maximum protection against malware and zero-day attacks against Windows.
The feature works like a sandboxing. Thus, the browser prevents content and downloaded files from harming the system. After surfing, the isolated tab closes and clears all malicious code together with the temporary container. System administrators can also create whitelists of safe sites that are opened in traditional edge windows. Sites that are not recorded then open Edge in an Application Guard container.
However, the new security feature is only tested with Build 16188 from Windows 10 Enterprise Edition and initially only in the US English version. The PC must also support hypervisors. By default, Windows Defender Application Guard is not active, but must be enabled either manually or via policies.
Windows 10 Security System
After activation, a restart is required to make the feature available. If Edge is subsequently opened, it offers the opening of a new application-guard window with a new menu item. This opens a browser instance that is protected by Application Guard.
The official introduction of the security features is to take place with the next Windows version, which is developed under the code name Redstone 3 and is to be expected as version 1709 in September. Microsoft has so far said nothing about whether it will extend Application Guide beyond Enterprise Edition to other versions of Windows or expand to other applications.
Even the Windows 10 Creators Update brought new security features. Thus, Windows Defender ATP improved the threat detection by memory and kernel sensors. In addition, the latest major update also includes numerous enhancements for enterprise users.