News

New Windows 10 Security Scan Option Coming Soon

• By Kurt Mackie
• 05/31/2016

When Windows 10 "anniversary update" arrives later this summer, it will be coming packed with a new malware scanning feature.

This option, called "limited periodic scanning," will be part of Microsoft's existing Windows Defender antimalware service that's included with Windows 10 for consumer users, but it's principally designed to work on machines that use other antimalware programs. It's conceived by Microsoft as being supplementary to those antimalware programs.

"Limited Periodic Scanning is intended to offer an additional line of defense to your existing antivirus program's real-time protection," Microsoft's announcement this week explained.

Right now, the limited periodic scanning service isn't designed for use on domain-joined PCs used in organizations. It's just for consumers. However, Microsoft's announcement suggested that it could arrive sometime for its commercial customers:

At this time, Windows 10 Limited Periodic Scanning is intended for consumers. We are evaluating this feature for commercial customers, but Limited Periodic Scanning only applies to unmanaged devices for the Windows 10 Anniversary Update.

The new limited periodic scanning option will be something like a cross between Windows Defender and the Microsoft Safety Scanner solution that consumers typically turn to when they suspect their machines have malware. The main difference is that the limited periodic scanning service will be more direct than the Microsoft Safety Scanner, which requires a download. It also will automatically remove malware without user intervention, although users will get a notice to that effect. Maintenance times for running will be determined automatically by the Windows Automatic Management service, based on user inactivity.

The limited periodic scanning feature is currently available for preview as part of this week's Windows Insider build of Windows 10 with rollout planned for the summer.

In other security news, Microsoft announced this week that a "new type of ransomware that exhibits worm-like behavior" has been seen. The ransomware, labeled "Ransom:Win32/ZCryptor.A" by Microsoft, blocks user access to their machine's files.

ZCryptor gets spread through spam e-mail messages, macros and fake program installers. Antimalware solutions, including Windows Defender, can detect it. Microsoft also recommends turning on the Microsoft Active Protection Service, which reports "suspicious queries" that may indicate malware. Other security measures to take were described in Microsoft's announcement.