Microsoft : Why can't they develop the best security suite???

Status
Not open for further replies.
Product name
Microsoft Windows
Pros
  • The OS which is most widely being used world Over
CONS
Highly Vulnerable and prone to all sorts of attacks
BOTTOM LINE
Why Can't the developer himself make a rock solid OS protector

trainbus120

Level 10
Thread author
Verified
Sep 12, 2013
454
I always had this coming to my mind. When the company can develop an OS which is widely used, then why can't the company also develop a shield which could protect it from the mess around? Why can't it be a rock solid OS which can be used without the mess of an Antivirus, Firewall, Anti-spyware, Anti keylogger, Anti this and anti that????? Poor and sad. Firstly we shell out on this expensive OS, which is again upgradable on a payment every year or two, and protect the same with these never ending jargons of mess with these yearly subscriptions of the so-called protectors, which again ain't the guarantee of 100% protection????

What is this all about? Microsoft -> U listening?????
 

Raul90

Level 14
Feb 5, 2012
658
Anything that is used all over the world and, might I say, "popular" always has the tendency to be an attack target. Java and Flash have their share also. Even Norton and Kaspersky have been victims. MS has its UAC, Windows Defender and MSE, but as you say they fall short of protecting the user effectively. It may seem that security is not their forte, or if they can, they tend to developmentally look at it as an idea for more profit (in a small sense)... You just can't really trust a product (OS) solely to protect itself effectively.
 
  • Like
Reactions: Rahadian Putra

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
Microsoft do have all the Protection you need, but the OS is a part of it. Say for example the UAC Settings is your HIPS you would get with your normal Antivirus and the Two Way Firewall is Advanced Windows Firewall, but you will need a Firewall Controller for it. Plus MSE is Windows 8 Defender built-in into the newest Operating System! Windows SmartScreen is very new and that is like another UAC Mode for Windows 8 Pro.
I have made a Windows Firewall Controller called "Windows Firewall Console 9.0" and that has Anti Leak security features on it, much better than Tinywall!!! I also forgot about AppLocker and that is one of the best security solutions on the web, some experts say including me as the best Security that could beat Antivirus Vendors Software?

Take a look at this site for more information here: http://technet.microsoft.com/en-us/magazine/2009.10.geekofalltrades.aspx


Microsoft TechNet says: "To fully understand the power of AppLocker, think about the basics of maintaining system security. Malware is a constant threat. Whether it infects your systems through an Internet browser or is pushed via a worm-style attack, it sometimes overwhelms even the best firewalls and anti-malware engines. Further, even with a layered approach to security in your environment, the combination of these tools can never be prepared for that dreaded zero-day attack."

Make sure you read the whole thing and you should see this!

The answer: Absolutely. And the solution for that problem is AppLocker.
 

trainbus120

Level 10
Thread author
Verified
Sep 12, 2013
454
Hi BlackBox, your post encouraged me to find out more about AppLocker. I referred to Microsoft only for this, and please correct me if wrong, I learned that it is suitable for Biz (organizations):

When to use AppLocker

In many organizations, information is the most valuable asset, and ensuring that only approved users have access to that information is imperative. Access control technologies such as Active Directory Rights Management Services (AD RMS) and access control lists (ACLs) help control what users are allowed to access.

However, when a user runs a process, that process has the same level of access to data that the user has. As a result, sensitive information could easily be deleted or transmitted out of the organization if a user knowingly or unknowingly runs malicious software. AppLocker can help mitigate these types of security breaches by restricting the files that users or groups are allowed to run.

Software publishers are beginning to create more applications that can be installed by non-administrative users. This could jeopardize an organization's written security policy and circumvent traditional application control solutions that rely on the inability of users to install applications. By allowing administrators to create an allowed list of approved files and applications, AppLocker helps prevent such per-user applications from running. Because AppLocker can control DLLs, it is also useful to control who can install and run ActiveX controls.

AppLocker is ideal for organizations that currently use Group Policy to manage their Windows-based computers. Because AppLocker relies on Group Policy for authoring and deployment, experience with Group Policy is helpful if you plan to use AppLocker.

The following are examples of scenarios in which AppLocker can be used:

  • Your organization's security policy dictates the use of only licensed software, so you need to prevent users from running unlicensed software and also restrict the use of licensed software to authorized users.
  • An application is no longer supported by your organization, so you need to prevent it from being used by everyone.
  • The potential that unwanted software can be introduced in your environment is high, so you need to reduce this threat.
  • The license to an application has been revoked or it is expired in your organization, so you need to prevent it from being used by everyone.
  • A new application or a new version of an application is deployed, and you need to prevent users from running the old version.
  • Specific software tools are not allowed within the organization, or only specific users should have access to those tools.
  • A single user or small group of users needs to use a specific application that is denied for all others.
  • Some computers in your organization are shared by people who have different software usage needs, and you need to protect specific applications.
  • In addition to other measures, you need to control the access to sensitive data through application usage.
AppLocker can help you protect the digital assets within your organization, reduce the threat of malicious software being introduced into your environment, and improve the management of application control and the maintenance of application control policies.
 

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
You can also use PowerShell with AppLocker. I could telnet or use any Socket to connect to a remote server, then execute the (CLI), then this will also allow the Administrator to block Software and see all attempts made from other executables lol! You can reset and add rules just by using system policy also.

 

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
If you don't know what you're doing with PowerShell, then you can also lock yourself out of your own system. I also had to bypass it to gain system access again, scary stuff. But very funny!

Blog: http://blackboxhcker.blogspot.co.uk/2014/03/windows-applocker-remote-powershell.html

 
  • Like
Reactions: Venustus

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
You can use any Remote Terminal and execute these commands remotely for AppLocker Security without DCs (Domain Controllers), just using any small Networks using either Ncat or Telnet, maybe your own Computer Backdoor without user authentication. First open a command prompt or Shell and type the following inputs!

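Code:
# From a command prompt, start PowerShell
powershell
# Load the AppLocker cmdlets and list them
Import-Module AppLocker
Get-Command *AppLocker*
# Summarize files that AppLocker has denied, read from the event log
Get-AppLockerFileInformation -EventLog -EventType Denied -Statistics
# Build rules for the given path and merge them into the local policy
Get-AppLockerFileInformation -Path "" | New-AppLockerPolicy -Optimize | Set-AppLockerPolicy -Merge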

 
  • Like
Reactions: Raul90
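
An audit-first way to run the rule-generation pipeline from the post above while checking for the lockout the thread mentions, added here as an example and not part of any poster's message. The directory `C:\Program Files`, the temp file name and the list of recovery tools are assumptions; run it from an elevated PowerShell prompt.

```powershell
# Added example: stage AppLocker rules in audit mode before enforcing them.
# Assumed values (not from the thread): $AllowedDir, $PolicyFile, $mustRun.
$AllowedDir = 'C:\Program Files'                  # software you intend to allow
$PolicyFile = Join-Path $env:TEMP 'applocker-audit.xml'

Import-Module AppLocker

# AppLocker only evaluates rules while the Application Identity service runs.
if ((Get-Service -Name AppIDSvc).Status -ne 'Running') {
    Write-Warning 'AppIDSvc is not running; rules will not be evaluated.'
}

# 1. Collect file information and generate publisher rules, with hash rules
#    as the fallback for unsigned files. -Xml returns the policy as XML text.
$files = Get-AppLockerFileInformation -Directory $AllowedDir -Recurse -FileType Exe
if (-not $files) { throw "No executables found under $AllowedDir" }
[xml]$policy = $files |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Optimize -Xml

# 2. Mark every rule collection audit-only so the new rules only log.
foreach ($collection in $policy.AppLockerPolicy.RuleCollection) {
    $collection.SetAttribute('EnforcementMode', 'AuditOnly')
}
$policy.Save($PolicyFile)

# 3. Dry run: would the tools needed to recover the machine be allowed
#    by these rules? Anything outside $AllowedDir has no matching rule.
$mustRun = @(
    "$env:SystemRoot\System32\cmd.exe",
    "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe",
    "$env:SystemRoot\System32\mmc.exe"
)
$notAllowed = Test-AppLockerPolicy -XmlPolicy $PolicyFile -Path $mustRun -User Everyone |
    Where-Object { $_.PolicyDecision -ne 'Allowed' }

# 4. Merge only when the dry run is clean; otherwise show what needs a rule.
if ($notAllowed) {
    $notAllowed | Format-Table FilePath, PolicyDecision -AutoSize
    Write-Warning 'Recovery tools are not covered; add rules for them before merging.'
} else {
    Set-AppLockerPolicy -XmlPolicy $PolicyFile -Merge
}

# 5. Confirm which enforcement mode the local policy actually ended up with.
[xml]$local = Get-AppLockerPolicy -Local -Xml
$local.AppLockerPolicy.RuleCollection | Select-Object Type, EnforcementMode

# 6. After a period of normal use, list what enforcement would have blocked.
Get-AppLockerFileInformation -EventLog -EventType Audited -Statistics
```

With the assumed `$AllowedDir`, step 3 reports the System32 tools as not allowed, which is the gap to close with additional rules before any collection is switched to enforcement.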

Venustus

Level 59
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
The following security command will not get you locked out with the merge!

Code:
Get-AppLockerFileInformation -Path "" | New-AppLockerPolicy -Optimize | Set-AppLockerPolicy -Merge

In the quotations put the path of the Software you allow on your system!


WOW BlackBox!!! U seem to have gained all expertise in AppLocker!!! Great :) Really appreciate your depth in the subject. :D
 
  • Like
Reactions: Venustus

Venustus

Level 59
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
Thank you!:)
 

(BlackBox) Hacker

Level 2
Verified
Apr 21, 2014
179
Our-five-AppLocker-cmdlets_thumb.png


Get-AppLockerFileInformation_thumb.png


Is this very cool or what?

Filter-with-Out-GridView-cmdlet_thumb1.png


Another Graphics User Interface!
 
  • Like
Reactions: trainbus120

Littlebits

Retired Staff
May 3, 2011
3,893
Microsoft could develop the best security suite if they didn't have partners that were in the same business, which is a conflict of interest.

Remember a while back when Microsoft announced that Windows 8 would include its own AV, SmartScreen and optimized UAC?

All of the third-party security software vendors could hardly wait to start bashing it before it was even released and accusing Microsoft of trying to run a monopoly in the PC security business, even Microsoft's own business partners.

So Microsoft gently backed off from adding other security features to satisfy their partners. Microsoft even sat back and kept quiet when third-party security software vendors and AV testing sites bashed their default security features in Windows 8 because they wanted to keep their partners in check.

Microsoft knows Windows better than anyone else and could make the best possible security suite, but that would destroy the PC security market and cause many companies to go out of business, a lot of lost employment in the workforce, and they would lose most of their business partners which helped them get to where they are now. Microsoft would become a monopoly, which would not be good for anyone. It would get to the point where users would have no options when choosing security software since all of the other companies would no longer be in business; you would have to use Microsoft. Because it is not going to happen. Microsoft may be a large company but it has its hands tied just like many other large companies do.

Enjoy!! :D
 