AVLab.pl Advanced In-The-Wild Malware Test - September 2025

Disclaimer
  1. This test shows how an antivirus behaves with certain threats, in a specific environment and under certain conditions.
    We encourage you to compare these results with others and take informed decisions on what security products to use.
    Before buying an antivirus you should consider factors such as price, ease of use, compatibility, and support. Installing a free trial version allows an antivirus to be tested in everyday use before purchase.

Don't try the "provide links otherwise it ain't true" argument
Have you read what is written on the aforementioned link?
I could not find any data with minimal relevance to what you have stated.
If there is, would you post a screenshot of such data?
 
I could not find any data with minimal relevance to what you have stated.
If there is, would you post a screenshot of such data?
There is data. Do your research.

Microsoft does not publish guides for the public. You have to pay for that detailed guidance. The data is spread across many websites with tidbits here, there, and everywhere. It is a cumulative research effort.

To save yourself time, read NIST SP 800-53 and 800-171R3. That's a good starting point.

Otherwise be prepared to spend months researching how to harden your Windows system - and how to get it right - so that it is highly hardened but not "inconvenient."
 
1. Disabling Unneeded Services (Verified)
Official Doctrine: Microsoft Security Baselines / Intune Security Profiles

Source: Manage security baseline profiles in Microsoft Intune | Microsoft Learn

Technical Detail: Microsoft explicitly manages service configurations (e.g., Print Spooler, Remote Registry) via Security Baselines. Rather than manually disabling services via services.msc (which can cause instability), Microsoft advises applying their pre-tested Baselines via Group Policy or Intune.

2. Disabling Unneeded Applications (Verified)
Official Doctrine: Potentially Unwanted Application (PUA) Protection

Source: Block potentially unwanted applications with Microsoft Defender Antivirus | Microsoft Learn

Technical Detail: Microsoft actively advises blocking "PUA" (software that is not malware but is unnecessary/risky) and maintaining a strict inventory. This is the official mechanism for "removing unneeded applications" to reduce the vulnerability footprint.

3. Disabling "LOLBins" (Living Off The Land Binaries) (Verified with Nuance)
Official Doctrine: Attack Surface Reduction (ASR) Rules

Source: Use attack surface reduction rules to prevent malware infection | Microsoft Learn

Critical Nuance: You cannot "uninstall" LOLBins (like powershell.exe or wmic.exe) as they are core OS components.

The "Disable" Mechanism: You must use ASR Rules to disable the specific behaviors that make them dangerous.

Relevant Rule: "Block executable files from running unless they meet a prevalence, age, or trusted list criterion."

Relevant Rule: "Block process creations originating from PSExec and WMI commands."

4. Disabling Unneeded Features (Verified)
Official Doctrine: Windows Optional Features / SMBv1 Deprecation

Source: Detect, enable, and disable SMBv1, SMBv2, and SMBv3 in Windows | Microsoft Learn

Technical Detail: This is the primary example of "disabling unneeded features." Microsoft strongly advises disabling legacy features (like SMBv1) that are installed by default but rarely needed, as they serve as entry points for ransomware (e.g., WannaCry).


The list provided is a valid Operational Summary of the "Minimize Attack Surface" strategy found in the Microsoft Cloud Security Benchmark.
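The four items above are checks and settings a Windows administrator would apply from an elevated PowerShell session. The script below is an added example, not code from the forum post or from Microsoft: it audits the current state of each item and, with -Apply, changes it. It assumes a Windows 10/11 client where Microsoft Defender Antivirus is the active AV (the Mp* cmdlets need it) and cloud-delivered protection is on (the prevalence/age ASR rule depends on it). The two ASR rule GUIDs and the audit event ID are taken from Microsoft's attack surface reduction reference; the service names, the $services list and the Get-HardeningState helper are this example's own choices.

```powershell
<#
  Added example, not from the post or from Microsoft documentation.
  Audits, and with -Apply changes, the four "minimize attack surface"
  items discussed above on one machine. Run from an elevated session.
  Assumes Defender AV is active and cloud-delivered protection is on.
  For a managed fleet, prefer the Intune/GPO security baseline; this is
  the single-host equivalent for a lab or home system.
#>
param(
    [switch]$Apply
)

# 1. Services the post names as baseline-managed (assumed list for this example).
#    Disabling Spooler removes local printing; decide per host.
$services = @('Spooler', 'RemoteRegistry')

# 3. ASR rules quoted in the post, keyed by GUID (GUIDs from Microsoft's ASR reference).
$asrRules = @{
    '01443614-cd74-433a-b99e-2ecdc07bfc25' = 'Block executables unless prevalence, age, or trusted-list criterion'
    'd1e49aac-8f56-4280-b9ba-993a6d77406c' = 'Block process creations originating from PSExec and WMI commands'
}
# ASR action codes accepted by Set-MpPreference: 0 Disabled, 1 Block, 2 Audit, 6 Warn.
# Start in audit mode; move to 1 (Block) only after reviewing audit events.
$asrAction = 2

# Helper (this example's own) that collects the state of all four items.
function Get-HardeningState {
    $mp  = Get-MpPreference
    $asr = @{}
    if ($mp.AttackSurfaceReductionRules_Ids) {
        for ($i = 0; $i -lt $mp.AttackSurfaceReductionRules_Ids.Count; $i++) {
            $asr[$mp.AttackSurfaceReductionRules_Ids[$i].ToLower()] = [int]$mp.AttackSurfaceReductionRules_Actions[$i]
        }
    }
    $asrState = foreach ($id in $asrRules.Keys) {
        $action = if ($asr.ContainsKey($id)) { $asr[$id] } else { 0 }
        [pscustomobject]@{ Rule = $asrRules[$id]; Action = $action }
    }
    [pscustomobject]@{
        Services      = Get-Service -Name $services -ErrorAction SilentlyContinue |
                        Select-Object Name, Status, StartType
        PUAProtection = $mp.PUAProtection   # 0 Disabled, 1 Enabled, 2 AuditMode
        AsrRules      = $asrState
        SMB1Feature   = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol).State
        SMB1Server    = (Get-SmbServerConfiguration).EnableSMB1Protocol
    }
}

"== Current state =="
Get-HardeningState | Format-List

if ($Apply) {
    # 1. Stop and disable the unneeded services.
    foreach ($s in $services) {
        if (Get-Service -Name $s -ErrorAction SilentlyContinue) {
            Stop-Service -Name $s -Force -ErrorAction SilentlyContinue
            Set-Service  -Name $s -StartupType Disabled
        }
    }

    # 2. Block potentially unwanted applications in Defender AV.
    Set-MpPreference -PUAProtection Enabled

    # 3. Add the two ASR rules. In audit mode, hits are logged as event ID 1122
    #    in Microsoft-Windows-Windows Defender/Operational; review those before
    #    switching $asrAction to 1. Caveat from Microsoft's rule reference: the
    #    PSExec/WMI rule is incompatible with Configuration Manager client
    #    management, which relies on WMI.
    foreach ($id in $asrRules.Keys) {
        Add-MpPreference -AttackSurfaceReductionRules_Ids $id -AttackSurfaceReductionRules_Actions $asrAction
    }

    # 4. Remove the SMBv1 optional feature and turn off the server-side protocol.
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

    "== After apply (reboot to complete SMBv1 removal) =="
    Get-HardeningState | Format-List
}
```

Run it once without -Apply to see the baseline, apply, then re-run after a reboot; the SMB1Feature field only reads Disabled once the pending DISM change has been committed. Leaving the ASR rules in audit mode for a week of normal use before blocking is the usual way to find the legitimate software the prevalence/age rule would otherwise stop.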
 
It has nothing to do with what I believe. What I stated are all facts.

People are the problem. ALWAYS.



Yeah. I know all about it. Multiple times over the years "students" who "downloaded bunches of PDFs" reported here at MT that their systems got encrypted, breached, and some even lost all their work - and every last one of them had a "top" AV or security solution installed - default allow. Not one was using what would have prevented that - default deny and continuous, isolated backups (if not continuous and isolated, then expect data loss).



There are no breakages or anything requiring constant modifications.

So you are over-exaggerating the problem and making it something that is not reality.

People, companies, governments out there use very highly hardened systems and typically there is a trivial issue that is fixed within minutes perhaps once or twice per year.

None of this requires:

1. The person to be a power user
2. Paranoia

Default-deny does work, but it is people who are not willing to adhere to the rules. So again, people are ALWAYS the problem.

Microsoft wants to impose and enforce Windows S+ Mode, but it makes too much money from the status quo - which means all the money it makes fixing all the problems created by "Users that want to use stuff" and their infected, damaged systems. People who want convenience are a MASSIVE profit center for Microsoft - and thousands of other companies out there. Y'all make us rich.

People are lazy.
I wish you had taken the time to reply to the setup I suggested. How can I lose all of my work if I'm taking regular backups?

Also, what are the facts that you stated? I did not say that default-deny does not work. My point was about usability. You yourself said that such a setup might break stuff. You mentioned something about MS software not working due to your setup, right?
 
I wish you had taken the time to reply to the setup I suggested. How can I lose all of my work if I'm taking regular backups?

Also, what are the facts that you stated? I did not say that default-deny does not work. My point was about usability. You yourself said that such a setup might break stuff. You mentioned something about MS software not working due to your setup, right?
You will not get any useful, applicable instructions, only elastic statements leading to nothing.
I get useful tips from most of the members, except for three.
 
I am a university professor 🙄
I know people with PhDs that have very little common sense, so this really means nothing. I listed a few links on where to start from a strategy found in the Microsoft Cloud Security Benchmark.

P.S. I'm just a guy with a G.E.D. I built the tool that verified and dug up those links.
 
You will not get any useful, applicable instructions, only elastic statements leading to nothing.
I get useful tips from most of the members, except for three.
It seems I have joined you in the "do your research gang" 😂

It seems that some people have also default-deny in their brain and that setup is blocking the legitimate brain.exe 😅
 
I know people with PhDs that have very little common sense, so this really means nothing. I listed a few links on where to start from a strategy found in the Microsoft Cloud Security Benchmark.

P.S. I'm just a guy with a G.E.D. I built the tool that verified and dug up those links.
The same argument that says "I know people who have been using Webroot and never got infected".

You're making it personal. The guy said that he is a professor and he is active here and always asks questions and involves in security discussions. Does not that mean that he is capable of making good decisions or at least ask for advice here?
 
It seems I have joined you in the "do your research gang" 😂

It seems that some people have also default-deny in their brain and that setup is blocking the legitimate brain.exe 😅
This is what happens when you expect others to do everything for you. Making fun of the ones with the answers and pretending to be intelligent while asking for help figuring out something a few seem too lazy or inept to do is priceless.
 
This is what happens when you expect others to do everything for you. Making fun of the ones with the answers and pretending to be intelligent while asking for help figuring out something a few seem too lazy or inept to do is priceless.
When you get sick, even if you're a doctor or even a surgeon, you could always make use of other colleagues' experience. That never makes you lazy.
 
The same argument that says "I know people who have been using Webroot and never got infected".

You're making it personal. The guy said that he is a professor and he is active here and always asks questions and involves in security discussions. Does not that mean that he is capable of making good decisions or at least ask for advice here?
He was advised to do his research and he responded with "I'm a professor" and a rolled eyes. This does not imply he is active here and always asks questions; it implies that he is better than others with the rolled eyes and is smarter. That he's done the research and found nothing, so that is all there is to it, case closed.

Well obviously he did not look in the right places. He obviously didn't state hey, I couldn't find anything on this could you please help guide me. Instead it was a rude remark.

Which seems to be the norm here, and why I've started doing it back towards others.
 
He was advised to do his research and he responded with "I'm a professor" and a rolled eyes. This does not imply he is active here and always asks questions; it implies that he is better than others with the rolled eyes and is smarter. That he's done the research and found nothing, so that is all there is to it, case closed.

Well obviously he did not look in the right places. He obviously didn't state hey, I couldn't find anything on this could you please help guide me. Instead it was a rude remark.

Which seems to be the norm here, and why I've started doing it back towards others.
The "do your research" is what was rude, or at least that's how I felt it. So I asked my beloved Gemini and here is what it said:
The short answer is yes, it is often considered rude, particularly in online discussions or casual conversation.


While the phrase literally means "verify the facts," in modern discourse it has morphed into a dismissive way to shut down a conversation.


Here is a breakdown of why it lands poorly, when it might actually be okay, and how to say it better.


Why It Comes Across as Rude


When someone says "do your research" during a disagreement, it usually implies three things that feel hostile:


  • It shifts the "Burden of Proof": If you make a claim, it is your job to back it up. Telling someone else to go find the evidence for your argument is intellectually lazy. It suggests, "I am right, but I can't be bothered to show you why."
  • It implies ignorance: It suggests the other person is naive, brainwashed, or simply not smart enough to have stumbled upon the "truth" that you possess.
  • It is associated with conspiracy theories: The phrase has been heavily co-opted by fringe communities. It is often used to suggest that mainstream sources are lying and that the "real" truth is hidden in obscure YouTube videos or forums.

When Is It Okay?


Context is everything. There are specific scenarios where this phrase is neutral or even helpful:


  • Academic or Professional Settings: If a professor tells a student to "do their research" before writing a thesis, or a boss tells an employee to research a vendor before hiring them, it is a literal instruction, not an insult.
  • Encouraging Autonomy: If someone asks you a question that requires a very complex, subjective answer (e.g., "Which stock should I buy?"), telling them to "do your research" (often abbreviated as DYOR in crypto/finance) is actually responsible advice. It means: "Don't blindly trust me; verify this yourself for your own safety."

Better Alternatives


If you genuinely want someone to understand your point of view or learn more about a topic, avoid the imperative command. Try these instead:


If you want to provide evidence:


  • "I read a really interesting article that explains this better than I can. Here is the link."
  • "My perspective comes mostly from [Source X]; you should check them out if you have time."


If you don't have time to explain:


  • "It's a complex topic and I don't have the sources on hand right now, but if you look up [Specific Term], you’ll see what I mean."


If you are encouraging critical thinking:


  • "I’d encourage you to look at multiple sources on this, as there is a lot of conflicting data."


Are you currently in the middle of a difficult text conversation where you need to tell someone they might be wrong? I can help you draft a reply that is firm but polite.
 
Instead of constructive and valuable discussion, it always ends with "people are the problem" and "people are lazy"
Try asking him nicely instead of ganging up on and bashing him. 🤔 Bazang loves discussing cyber security and he's very good at it. Treating him the way everyone does certainly will not entice him to help them.

The man is literally capable of running circles around all of you and getting bored doing it. I step in and post simply because it's ridiculous to watch the hive mentality of "gang" in this forum. Nothing irks me more. In the real world, these chumps that have to take 4-5 people to gang up on one are considered "fill in the blank".
 
Last edited by a moderator:
Try asking him nicely instead of ganging up on and bashing him. 🤔 Bazang loves discussing cyber security and he's very good at it. Treating him the way everyone does certainly will not entice him to help them.

The man is literally capable of running circles around all of you and getting bored doing it. I step in and post simply because it's ridiculous to watch the hive mentality of "gang" in this forum. Nothing irks me more. In the real world, these chumps that have to take 4-5 people to gang up on one are considered "fill in the blank".
Well, first I don't know Bazang and I have nothing against him and I'm not taking anything personally here. So please don't make it personal. No need to feel threatened here. Why would in the first place?

This is an online forum and discussion can always heat up or go out of place, and that's expected.
 
The "do your research" is what was rude, or at least that's how I felt it. So I asked my beloved Gemini and here is what it said:
Gemini will answer how you prompt. If you only feed it one side of the story, that's the answer you will obtain.

It is not rude to expect someone to put in effort, but the specific phrase "do your own research" can come across as hostile or dismissive because of how it is often used in online arguments.

If you tell someone to "do their own research," they may hear: "I don't care about you, go away." If you set a boundary regarding their effort, they should hear: "I want you to learn this, and you can only do that if you try it yourself first."

That was from Gemini as well. Stating it's a matter of perspective. Bazang is only responsible for what he says, not how you take it. The above accurately states it is not rude to expect someone to put in effort. Hence the lazy statement.