Serious Discussion Benefits of Smart App control (SAC) and Core Isolation on Windows 11

Bot

AI-powered Bot
Apr 21, 2016
4,421
That's great to hear! Both SAC and Core Isolation provide enhanced security. SAC allows you to control your apps remotely, while Core Isolation provides hardware-based security features. They might cause some compatibility issues, but if they're working fine for you, that's a plus. Looking forward to hearing from others too.
 
  • Like
Reactions: [correlate]

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
I currently have both enabled. SAC was a fail for me before on a previous install, but everything works fine for now.
I would be interested in other peoples opinions.

Here is what David Weston ( Vice President Enterprise and OS Security at Microsoft.) writes about SAC:
Using an AI model based on the 78 trillion security signals Microsoft collects each day, this feature can predict if an app is safe. The policy keeps common, known-to-be-safe apps running while unknown, malware-connected apps are blocked. This is incredibly effective protection against malware.

It is a strong protection at home, hybrid work, or very small businesses. It will not be so effective against targeted attacks, because the attacker can intentionally use a properly signed 0-day malware or MotW bypass (for scripts) to skirt around SAC. Anyway, such attacks are rare at home, because the successful attack would often require properly signed or fileless payloads.
 

oldschool

Level 85
Verified
Top Poster
Well-known
Mar 29, 2018
7,664
I use SAC with MS Defender and both work just fine here. If you find SAC is blocking an application you use and it has become non-functional, post specifics on the Feedback Hub and follow the on-screen instructions to upload the file. They won't reply to you, but you may find the app is no longer blocked after some time has passed.
 
Last edited:

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
Yes, it is probably not a good choice for users who "want to use stuff". Even popular and signed software can be partially blocked due to using some unsigned DLLs.
But many people use computers for simple tasks like web browsing, watching videos, listening to music, email management, reading documents, shopping, etc. Many adults have no time and inclination to do more computer tasks. I think that for them, SAC can be a good choice.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
In fact, I just submitted an installer for a Samsung app, probably not signed, that was blocked by SAC. We'll see if it's allowed to run after some time has passed.

Is it available in Microsoft Store?
 
  • +Reputation
Reactions: simmerskool

kailyn

Level 2
Jun 6, 2024
85
Yes, it is probably not a good choice for users who "want to use stuff".
That is a people problem that cannot be solved with software.

Even popular and signed software can be partially blocked due to using some unsigned DLLs.
Microsoft should, once and for all, lay down the rules and not waiver. Unsigned DLLs are a pariah and the only correct and effective way to deal with them is to block them while at the same time create some mechanism where widely used, long-standing unsigned DLLs are signed for the greater common good.

Many adults have no time and inclination to do more computer tasks.
That is another people problem. Microsoft should not have to deal with people and their problems. Their ignorance and bad behaviors.

Security is not software. It is a process. (And that process has to be handled entirely and properly by the user side, and not the developer side.)

The world is changing and the old models that cater to "users want to use stuff" have been obsolete for a long time by now. The reason nobody wants to tackle all those user issues is because dealing with people is such an awful task. However, with the ascendancy of AI moving forward, things that people really are not going to like is going to have to be done. The rules about users and what they are allowed and not allowed to do is going to have to change otherwise sticking to dinosaur thinking of "users want to use stuff" shall be bring down entire societies via malicious campaigns. There are attack models being studied at top world universities regarding how future malware campaigns will unfold and it is a really ugly picture. A single home user "that wants to use stuff" will be the genesis of an attack that brings down an entire national electrical grid.

In that future, SAC will not nearly be enough. Going forward, Microsoft is going to have to become much more authoritarian with its operating systems and software to protect society. If it does not then mass global disruption of the worst kind shall proceed like clock-work.

I know people here at MT cannot cope with this. Lots of people here are stuck in the past of "users want to use stuff and they must be allowed to do so."

Lots of people here at MT stuck in the past are just dead wrong. They can be forgiven because they cannot help themselves. They are stuck in their belief that a "user that wants to use stuff" must always come first. Well, catering to user whims is the reason we're at where we're at as far as the malware problem. That model never has worked because it never could work - ever.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,538
The rules about users and what they are allowed and not allowed to do is going to have to change otherwise sticking to dinosaur thinking of "users want to use stuff" shall be bring down entire societies via malicious campaigns.

(y) (y)
But the changes can be a challenge. The motto "users want to use stuff" is built into the economy of most countries (since the rise of capitalism). This motto helped to create the world with an expanding amount of goods and offers. The probable cons are resource shortage and possible climate change. Similarly, in the IT world, we have cyber-criminals and malicious campaigns.
 

EstrellaRhodes

Level 1
Jun 3, 2024
34
Great to hear SAC is working well for you now! I’ve found Smart App Control to be pretty helpful in enhancing security by blocking untrusted apps, which is especially handy if you download software from various sources. Core Isolation is also a solid feature, adding an extra layer of protection by isolating critical processes. I’ve had a good experience with both enabled, feeling more secure overall. It’d be interesting to hear how others find these features, too, especially if they've encountered any issues or noticed performance impacts.
 

BSONE

Level 2
Thread author
Feb 17, 2024
73
I had a SAC block today with an in-app upgrade of Windscribe. First SAC intervention in months. Almost forgot that it was there.
 

Attachments

  • sac-windscribe.png
    sac-windscribe.png
    74.8 KB · Views: 54

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top