Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Benefits of Smart App control (SAC) and Core Isolation on Windows 11
Message
<blockquote data-quote="bazang" data-source="post: 1120415" data-attributes="member: 114717"><p>This is correct, expected behavior that Microsoft does not properly explain so many users think SAC does not work correctly or does not work well.</p><p></p><p>For files blocked by SAC, Windows performs a file check (prevalence and reputation, and probably some other checks) and widely-known, prevalent files from trusted vendors (unsigned files that are traceable to the trusted vendor) are permitted so as to unblock the files after a period of time.</p><p></p><p>Other times the files continue to be blocked, but there is no functionality breakage - and the user is deliberately not told so as not to trigger them. It is better not to tell users much of anything when it comes to default deny. The sysadmin should handle the problems and the user not allowed to do anything.</p><p></p><p>Problem is, Windows for Home is a hand-me-down OS that is very minimally managed by Microsoft - and Microsoft does not want to be bothered with non-enterprise and non-government users.</p><p></p><p>SAC was not developed for home users/consumers. It was developed for enterprises and governments. Every single time that Microsoft tries to roll-out one of these robust default deny type of protections (for example, Windows S Mode), it is the users that destroy the security through their constant whining, complaining, and the problems that they create because they do not know what they're doing. In the end, Microsoft withdraws the protections or makes it only minimally available to the home user base.</p></blockquote><p></p>
[QUOTE="bazang, post: 1120415, member: 114717"] This is correct, expected behavior that Microsoft does not properly explain so many users think SAC does not work correctly or does not work well. For files blocked by SAC, Windows performs a file check (prevalence and reputation, and probably some other checks) and widely-known, prevalent files from trusted vendors (unsigned files that are traceable to the trusted vendor) are permitted so as to unblock the files after a period of time. Other times the files continue to be blocked, but there is no functionality breakage - and the user is deliberately not told so as not to trigger them. It is better not to tell users much of anything when it comes to default deny. The sysadmin should handle the problems and the user not allowed to do anything. Problem is, Windows for Home is a hand-me-down OS that is very minimally managed by Microsoft - and Microsoft does not want to be bothered with non-enterprise and non-government users. SAC was not developed for home users/consumers. It was developed for enterprises and governments. Every single time that Microsoft tries to roll-out one of these robust default deny type of protections (for example, Windows S Mode), it is the users that destroy the security through their constant whining, complaining, and the problems that they create because they do not know what they're doing. In the end, Microsoft withdraws the protections or makes it only minimally available to the home user base. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
