- Feb 25, 2017
IntroductionHarden Windows 10 - A Security Guide provides documentation on how to harden your Windows 10 21H1 (configuration pack version 21H1-B 2021-08-02).. It explains how to secure your Windows 10 computer. The knowledge contained stems from years of experience starting with Windows Vista. Hardening is performed using mostly native Windows tools and Microsoft tools.
Malware and hackers attack by exploiting security bugs and vulnerabilities. Even talented programmers make coding bugs, guaranteed by evidence of the last 50 years of computing, and unavoidable. The solution is to reduce attack surface so that we expose less opportunities for exploitation. One core concept is Least Privilege, when you are using an admin account and you get successfully attacked, the attacker gains admin control over the whole PC. Least privilege says you don't run as admin for day to day tasks, and thus you lessen the chance of a complete takeover. Another core concept is minimization. You configure your system so that it is only able to do what you normally do, and nothing else. This minimizes the number of exploitable security bugs that can possibly run, lessens your exposure, which is called the attack surface. By removing services and programs that listen or respond to the internet 24/7, you take out the possibility of anybody sending them an exploit. If a new vulnerability is found months down the road, but it does not run on your system, it is already taken care of. We will reveal several other security principles, which allows you to adapt and evolve your defenses as threats change with the times. There are many places in Windows where risk outweighs features, and this hardening guide goes through them one by one. Also, we will implement several layers of FREE security (anti-malware is not the only thing that does security), if one layer gets broken through, you still have another, then another.