
Hardening Windows 10 with zero-day exploit mitigations - dsr12
https://blogs.technet.microsoft.com/mmpc/2017/01/13/hardening-windows-10-with-zero-day-exploit-mitigations/
======
arachnophobe
Never mind hardening windows, how about stopping Windows update behaving like
some sort of particularly malicious malware by forcing me to rebuild my
machines at random after an update? AU forced one machine to be fully
reinstalled, last week's update rendered another machine inoperable with admin
access denied on windows system programs (mmc etc.) followed by boot device
error (disc was fine) with no restore or roll-back available, so had to
rebuild that one too. Getting very tempted to set windows update addresses to
point to Host.

~~~
nly
I hate how Windows 10 silently installs updates and then rolls them back every
time I boot it up (and then forces another reboot)... all because I have a
Linux bootloader installed and C: isnt the active partition.

Fuck you Microsoft. This is 2017. You've had 25+ years to perfect dual
booting.

~~~
mtgx
You're making it sound as if Microsoft would _want_ dual-booting to work.
Hasn't the Surface Pro been pretty bad for using Linux on it so far, compared
to other notebooks?

------
feld
Instead of discussing the merit of these exploit mitigations this has turned
into a complaint forum about Windows update. Mods?

------
kodfodrasz
How does this Windows Defender ATP relate to EMET?

------
reiichiroh
Still prefer to run Win10 with Surfright/Sophos HitmanPro Alert.

------
jasonkostempski
There's still one major, consistent source of unwanted access and software
that hasn't been addressed.

