Late last week Microsoft released Windows 10 Creators Update Build 15042 as the 21st testing build for Windows Insiders on PCs. Various signs, such as the lack of a desktop watermark showing pre-release build information in Build 15042 point towards the development of this third major update to Windows 10 being near completion and its expected release in April 2017.
While no new large scale features are expected to be added to the Creators Update at this point since the upgrade is now feature complete according to Microsoft, that does not mean some new settings might not appear in these final testing builds.
One in particular was discovered over the weekend that shows a step that might just add a new level of security to Windows 10, which Microsoft has already labeled the most secure version of Windows ever, and it can prevent rogue software from installing on the system. It could also have a secondary impact by encouraging desktop software developers to add their offering to the Windows Store via the Desktop App Converter and thus growing the software listings in the Store.
This setting is listed in Windows Settings>Apps>Apps & features under the Installing apps header.
There are three choices in the drop down menu:
Allow apps from anywhere - The user will be able to install compatible software that is downloaded from the Internet or selected from the Windows Store.
Prefer apps from the Store, but allow apps from anywhere - If an option is available in the Windows Store for the application that is being downloaded from the Internet then it sounds like this setting will offer that as an option prior to downloading it from the Internet. User will have the option to use either one without restriction. Note: I tested this with LastPass while using Microsoft Edge on the LastPass website and it redirected me to the LastPass Edge extension in the Windows Store instead of the universal Windows download that shows up in other browsers. The referral into the Windows Store only seems to work when using Microsoft Edge as other browsers such as IE continue to the universal download page.
Allow apps from the Store only - Only apps listed in the Windows Store will be authorized for installation. Any attempts to download an application from the Internet will be blocked.
If that last option is selected and you download a desktop program to install it will result in this pop-up warning dialog when you execute the downloaded software:
There is no option in this dialog to temporarily disable this restriction to give permission for the install on a case by case basis but it does link to Windows Settings>Apps>Apps & features so the entire option can be disabled. You will also see a button at the bottom of the dialog to see more in the Windows Store but it just goes to the Store's main page and does not show any results based on what you were downloading.
I must admit - this is a great feature although it seems to not be fully implemented at this point because of its inconsistency at re-directing to options in the Windows Store in any other browser except for Edge. It will also prevent rogue drive-by downloads, a common attack vector of ransomware/viruses, from executing on your system
I tested this option on both Windows 10 Home and Professional and this setting is available on both of these operating system SKUs. Since it is available on the Professional version of Windows 10, Microsoft may also be looking to make that a setting that can be set by Group Policy on managed devices.
It will be interesting to see how this progresses over the next couple of builds leading up to the Creators Update release in April however, keep in mind this is pre-release software and it could also get yanked without hesitation by the Windows team if they feel like it is not ready for prime time.