Professional Documents
Culture Documents
Introduction: Windows Update is a service provided by Microsoft to deliver security updates, feature
enhancements, and patches for the Windows operating system and other Microsoft products like
Microsoft Defender. These updates are crucial for maintaining the security, stability, and performance of
Windows devices.
Patch Tuesday: Updates are typically released on the 2nd Tuesday of each month, known as Patch
Tuesday. However, critical updates can be released at any time if deemed urgent by Microsoft.
Accessing Windows Update: You can access Windows Update through the Settings menu. Another
method is using the Run dialog box or Command Prompt by executing the command control /name
Microsoft.WindowsUpdate.
Key Points:
1. Managed Settings: In some cases, Windows Update settings may be managed, especially in
enterprise environments. Home users usually have direct control over their update settings.
2. No Available Updates: The absence of available updates in the attached virtual machine could
be due to the lack of internet access to communicate with Microsoft for new updates.
3. Forced Updates: With Windows 10, Microsoft has enforced updates more rigorously to ensure
that users receive critical updates promptly. Postponing updates is possible, but eventually, the
system will install them to maintain security.
4. Restart Required: Some updates may require a system restart. Windows 10 provides options to
schedule the restart, ensuring that users have control over when the update is applied.
User Interaction: While users may have been accustomed to delaying updates in the past, Windows 10
emphasizes the importance of timely updates for security reasons. Users can still postpone updates but
cannot ignore them indefinitely.
Restart Options: When a restart is required after an update, users are presented with options to
schedule the restart at a convenient time. This ensures that updates do not disrupt users during crucial
work hours.
Protection Areas: Windows Security is organized into distinct protection areas, each focusing on specific
aspects of security:
1
4. Device security
Status Icons: The status icons serve as visual indicators of your device's security status:
• Green: Your device is adequately protected, and no recommended actions are needed.
Accessing Windows Security: Windows Security can be accessed directly through the Settings menu.
Once opened, users can navigate through the different protection areas and take necessary actions
based on recommendations.
Note: The appearance may vary slightly between Windows Server and Windows 10 editions.
Next Steps: The subsequent tasks will provide insights into each protection area, starting with "Virus &
threat protection." Each area addresses specific security aspects, allowing users to manage and optimize
their device's security posture.
1. Current Threats:
• Scan Options:
• Full Scan: Examines all files and running programs on your hard disk, potentially taking
over an hour.
• Custom Scan: Allows you to choose specific files and locations for scanning.
• Threat History:
• Last Scan: Displays information about the most recent automatic scan conducted by
Windows Defender Antivirus.
• Quarantined Threats: Lists threats that have been isolated and prevented from running.
• Allowed Threats: Shows items identified as threats but permitted to run. Caution is
advised when allowing items labeled as threats to run.
Warning: Exercise caution when allowing identified threats to run, and only do so if you are certain of the
safety of the item.
• Manage Settings:
2
• Cloud-Delivered Protection: Enhances protection by accessing the latest threat data in
the cloud.
• Controlled Folder Access: Safeguards files, folders, and memory areas from
unauthorized changes by potentially harmful applications.
• Exclusions: Allows excluding specific items from Windows Defender Antivirus scans.
• Check for Updates: Manually checks for updates to ensure Windows Defender Antivirus
definitions are up to date.
• Ransomware Protection:
Note: Real-time protection in the attached VM is turned off for performance reasons, considering the
VM's isolated environment. In personal devices, ensure real-time protection is enabled and up-to-date.
Tip: You can perform on-demand scans on any file or folder by right-clicking the item and selecting 'Scan
with Microsoft Defender.'
• Windows Defender SmartScreen checks for unrecognized apps and files from the web, helping
protect your device against potential threats.
2. Exploit Protection:
• Exploit protection is integrated into Windows 10 (including Windows Server 2019) to enhance
device security against various attacks.
3
Key Functions:
1. Snapshot Coordination:
• VSS orchestrates the actions required to generate a snapshot of data, ensuring that the
data remains consistent and coherent during the backup process.
• Volume Shadow Copies are stored in the System Volume Information folder on each drive
where protection is enabled. This feature is part of the System Protection mechanism.
• When VSS is enabled, users can perform various tasks related to system protection and
restore points, including creating restore points, performing system restores, configuring
restore settings, and deleting restore points.
4. Security Considerations:
• Malware writers are aware of the existence of Volume Shadow Copies and may include
code in their malicious software to identify and delete these files. This malicious activity
aims to prevent users from recovering their systems, especially in the context of
ransomware attacks.
Security Perspective:
• From a security perspective, the potential vulnerability lies in the fact that malware may
intentionally target and delete Volume Shadow Copies to hinder recovery efforts. Having offline
or off-site backups becomes crucial in such scenarios.
Configuration in VM:
• If you wish to configure Shadow Copies within the attached VM, specific steps and settings would
be provided based on the context of the VM.