How to Check Windows 10 PC Security Settings
If you want to know how secure your Windows 10 device really is, the fastest path is to inspect the built-in security controls Microsoft includes by default.
This guide shows where to look, what each setting means, and which options matter most for everyday protection.
Windows 10 combines Microsoft Defender Antivirus, firewall controls, account protection, and device security features into one system, but many users never verify the basics.
Checking these settings regularly helps you catch weak spots before malware, phishing, or unsafe app behavior can exploit them.
Start with Windows Security
The central dashboard for most security checks is the Windows Security app, also called Windows Defender Security Center in older documentation.
Open it from the Start menu by typing Windows Security, then review the main categories one by one.
- Virus & threat protection for malware status and scan history
- Account protection for Microsoft account and sign-in options
- Firewall & network protection for network defenses
- App & browser control for reputation-based protection
- Device security for hardware-based protections like Secure Boot and TPM
Each section gives a clear status indicator, such as no actions needed, warnings, or settings that require attention.
If you are learning how to check Windows 10 PC security settings, this dashboard is the best place to begin because it reveals whether core protections are on.
Check Virus & Threat Protection
The Virus & threat protection page shows whether Microsoft Defender Antivirus is active and whether recent scans found anything suspicious.
Open Windows Security, choose Virus & threat protection, and review the current protection status.
What to verify here
- Real-time protection is on
- Cloud-delivered protection is on
- Automatic sample submission is enabled
- Protection updates are current
Run a quick scan if the device has been exposed to unknown downloads, email attachments, or removable drives.
For a deeper check, use Scan options to run a full scan or Microsoft Defender Offline scan if you suspect persistent malware.
The Threat history section is also important.
It shows detections, quarantined items, and allowed threats, which can reveal whether a user accidentally permitted a risky file.
Review Firewall & Network Protection
The Windows Defender Firewall is one of the most important controls for blocking unauthorized network traffic.
In Firewall & network protection, verify that the firewall is turned on for every network profile you use.
- Domain network for work-managed environments
- Private network for trusted home or office networks
- Public network for airports, cafes, and shared Wi-Fi
If any profile is disabled, the device is more exposed to inbound attacks and unauthorized connections.
Public network protection should always be enabled unless a legitimate troubleshooting need requires a temporary change.
You can also check whether any app has been allowed through the firewall.
Review exceptions carefully, especially for remote access tools, file-sharing apps, and games that request network access.
Inspect App & Browser Control
Windows 10 includes reputation-based protection to help block suspicious apps, downloads, and websites.
Open App & browser control to review settings tied to Microsoft Defender SmartScreen and related protections.
Important settings to review
- Check apps and files for malicious or unknown downloads
- SmartScreen for Microsoft Edge to warn about dangerous sites
- Potentially unwanted app blocking to reduce bundled adware and toolbars
These protections are especially useful because many threats arrive through the browser rather than traditional malware installers.
If SmartScreen warnings appear frequently, that is usually a sign to slow down and verify the source before opening a file or link.
Look at Account Protection
Account protection focuses on identity and sign-in security.
In this section, check whether the device is linked to a Microsoft account, whether Windows Hello is configured, and whether password-related protections are available.
Windows Hello adds biometric or PIN-based sign-in options such as fingerprint, facial recognition, or a PIN.
These methods are often safer and more convenient than typing a password repeatedly, especially on shared or mobile devices.
What strong account protection looks like
- A strong Windows sign-in PIN or Windows Hello method
- Two-factor authentication on the Microsoft account
- Password recovery information that is current
- No unknown accounts with admin access
If multiple people use the PC, check the Family & other users area in Windows settings as well.
Remove accounts that no longer need access and make sure standard users are not assigned administrator privileges unless required.
Check Device Security
The Device security page reports on hardware-backed protections that help defend the operating system before Windows fully loads.
This area can show features such as Secure Boot, Core isolation, Memory integrity, and TPM-related security support.
These settings matter because they raise the bar for rootkits, boot-level tampering, and advanced threats.
Not every Windows 10 PC will support every feature, but a capable machine should show at least some of them as active.
Key items to review
- Secure Boot enabled in UEFI firmware
- Core isolation available where supported
- Memory integrity turned on if compatible
- Trusted Platform Module (TPM) present on modern systems
If Core isolation or Memory integrity is off, check whether incompatible drivers are preventing activation.
Driver compatibility issues are common on older hardware and can require an update from the device maker.
Use Windows Update as a Security Check
Security settings are only as effective as the patches behind them, so Windows Update should always be part of your review.
Open Settings, choose Update & Security, then check for pending updates.
Install cumulative updates, driver updates, and Microsoft Defender definition updates promptly.
Attackers often target known vulnerabilities that have already been patched, which means an unupdated PC can become vulnerable even when security features are turned on.
Also review Advanced options to confirm update pauses, restart scheduling, and active hours are reasonable for your workflow.
Delayed restarts can leave important protections incomplete.
Check Privacy and Sharing Settings
While privacy settings are not the same as security settings, they still affect exposure.
Open Settings > Privacy and review access to the camera, microphone, location, contacts, and other sensitive data.
Limit app permissions to the minimum needed for daily use.
A trustworthy app does not need unrestricted access to everything on the device, and unnecessary permissions can widen the impact of a compromise.
- Disable unused sensors and permissions
- Review background app activity
- Turn off sharing features you do not use
- Confirm browser permissions for notifications and location
Review User Account Control and Admin Access
User Account Control, or UAC, helps prevent silent changes by prompting when software tries to modify system settings.
To check it, search for UAC and open the control panel settings.
The recommended setting is usually near the top of the default slider, which balances security and usability.
If UAC is turned down too far, malware or risky software may find it easier to make changes without clear prompts.
Also confirm that daily-use accounts are standard accounts rather than administrators.
Keeping admin rights limited is one of the simplest ways to reduce accidental damage and limit the impact of malicious software.
Check for Security Gaps in Third-Party Software
Many Windows 10 security issues are caused by outdated browsers, plug-ins, remote access tools, Java, PDF readers, or archive utilities.
Review installed applications and remove anything unused, unsupported, or duplicated by another tool.
Focus on software that can interact with the web or open external content.
Keep browsers, PDF readers, and communication apps updated, since they are frequent attack targets.
Common warning signs
- Unknown programs with startup access
- Multiple antivirus tools running at once
- Old browser extensions you no longer use
- Remote desktop tools installed without a clear reason
Running more than one real-time antivirus product can cause performance problems and conflicts.
In most cases, Microsoft Defender Antivirus should remain active unless a trusted enterprise product replaces it.
Build a Regular Security Review Routine
Knowing how to check Windows 10 PC security settings is most useful when you do it consistently.
A monthly review is enough for most home users, while business devices may need more frequent checks depending on policy and risk.
A practical routine includes scanning for malware, checking firewall status, confirming updates, reviewing sign-in methods, and removing unfamiliar software.
If you change routers, travel often, or install new apps, review the settings again afterward.
By verifying the core Windows Security categories, update status, account protections, and device-level defenses, you create a reliable baseline.
That baseline makes it much easier to notice when something is off, and that early warning can prevent a small issue from becoming a serious security incident.