Windows 10 Creators Update: What's on tap for Spring 2017 for business users

Microsoft plans to add more security and manageability features to Windows 10 Creators Update before its debut in Spring 2017. Here's what's coming.
Written by Mary Jo Foley, Senior Contributing Editor

Microsoft's coming Windows 10 Creators Update isn't just for those who want to make 3D models or use pens to digitally sketch on their PCs.


In October, Microsoft disclosed a number of the new, consumer-focused features coming to the next feature update to Windows 10, known as the Windows 10 Creators Update. Today, December 6, Microsoft officials went public with a list of new features aimed more at business users that will be in the Creators Update.

Microsoft is focusing on security and mangeability improvements with the coming update. A primary goal will be to make the Windows Defender Advanced Threat Protection (ATP) service that the company first released alongside Windows 10 Anniversary Update even more robust, officials said.

ATP is a service aimed at enterprises for detecting and responding to advanced attacks. ATP goes beyond what's in plain old Windows Defender. It is a post-breach service meant to help detect threats that have made it past other defenses, provide users with means to investigate breaches, and offer suggested responses.

With the Creators Update, Microsoft is beefing up the detection capabilities of ATP by enabling its sensors to detect threats that persist only in memory or kernel-level exploits. Microsoft also will allow IT admins to add their own alerts unique to their companies to the service. (Ultimately, officials said, Microsoft would like to add these alerts back into the main ATP threat database -- with the OK of the participating users -- but that functionality is not part of the Creators Update.) Microsoft also is beefing up the remediation actions supported by ATP to further reduce response time.

On the manageability side, the Creators Update will add new capabilities to Windows Upgrade Analytics, specifically around the Windows Analytics Dashboard. Rather than only monitoring which PCs are running which versions of Windows, the updated dashboard will provide more telemetry on device-health of PCs in an organization. Microsoft's Operations Management Suite will be integrated directly with the dashboard, providing users with a secure way to analyze those insights, officials said.

There's a new UEFI-conversion tool that will be part of Creators Update as well that will reduce the need for IT pros to manually convert Windows 7 devices using legacy BIOSes to UEFI. This tool can be integrated with other management tools like System Center Configuration Manager, officials said.

Additionally, Microsoft is adding new mobile application-management functionality into the Creators Update that won't require devices to use a separate mobile device management product to help isolate personal and work data and appropriately protect restricted content. Sign-up will be enabled directly within the applications.

The coming ATP-specific features I mention above are part of the Windows 10 Enterprise/E5 version only. The new mobile application management functionality will work across all the different Windows 10 variants. Microsoft will be lighting up all of these coming features in Windows 10 test builds in the coming weeks.

Microsoft recently also acknowledged that the company is working on a new Edge browser security feature that's been rumored for some time: Container-based isolation in the browser. That feature, codenamed "Barcelona," may or may not be part of the Creators Update; if it hasn't been tested sufficiently by "Spring 2017" -- the date by which Microsoft officials say Creators Update will be released to mainstream users -- it may become part of Redstone 3, expected in the Fall of 2017.

Microsoft's internal ship target for the Windows 10 Creators Update (previously known by its codename, "Redstone 2,") is March 2017, sources have confirmed.

Editorial standards