ConfigureDefender utility for Windows 10/11

V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
Andy Ful said:
So you are using the early Insider version which will be finally pushed in the next year. We have to wait until it will be more mature, and then we will see if it is a bug or M$ decided to block more configuration changes (also with PowerShell) when Tamper Protection is active.(y)
Click to expand...
No, I'm using v1903.30
 
  • Like
Reactions: Andy Ful and shmu26
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Vasudev said:
No, I'm using v1903.30
Click to expand...
I tested ConfigureDefender in Windows 10 Insider Build 18841. I expected that it should be 19H2 but in fact, it is 20H1. So, I tested the build which is planned to be pushed in the next year. On this build, either H_C and ConfigureDefender works well, but two options in Configuredefender, mentioned by me, are protected by WD Tamper Protection.
 
  • Like
Reactions: Vasudev, oldschool, Gandalf_The_Grey and 2 others
oldschool

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,595
@Freki123 - I enabled ConfigureDefender "Default" profile and cloud protection is enabled and displays in Windows Security. This is included in the MS default setting, which leaves only Controlled Folder Access disabled. CD's "Default", "High" and "Child Protection" are pre-configured options. Users may choose a custom configuration by enabling or changing individual features after selecting any of the three ConfigureDefender protection levels.

We will update the "Help" section and include your suggestion to provide more clarity for users, especially average users. :)(y)
 
  • Like
  • Thanks
Reactions: shmu26, harlan4096, Andy Ful and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
"In Microsoft Defender ATP, the secure score is the path to achieving this. Through the top recommendations, we suggest a prioritized list for securing your devices, with a relative ranking of the overall impact to your security posture. We are also exploring ways to provide useful comparisons using this framework."
212386


Introducing the security configuration framework: A prioritized guide to hardening Windows 10 - Microsoft Security

The top four recommendations can be applied on Windows 10 Home via ConfigureDefender (or PowerShell cmdlets) and Windows Updates.
 
  • Like
  • Thanks
Reactions: ForgottenSeer 85179, Moonhorse, Gandalf_The_Grey and 5 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
Andy Ful said:
"In Microsoft Defender ATP, the secure score is the path to achieving this. Through the top recommendations, we suggest a prioritized list for securing your devices, with a relative ranking of the overall impact to your security posture. We are also exploring ways to provide useful comparisons using this framework."
View attachment 212386

Introducing the security configuration framework: A prioritized guide to hardening Windows 10 - Microsoft Security

The top four recommendations can be applied on Windows 10 Home via ConfigureDefender (or PowerShell cmdlets) and Windows Updates.
Click to expand...
Haha...
Faulty OS updates and putting the SoA in an unbootable will invalidate all scores.
Does configuredefender needs updating? I'm at version 2.0.0.0 and product version 33.0.xx.xx
 
  • Like
Reactions: oldschool and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Vasudev said:
Haha...
Faulty OS updates and putting the SoA in an unbootable will invalidate all scores.
Does configuredefender needs updating? I'm at version 2.0.0.0 and product version 33.0.xx.xx
Click to expand...
Windows Updates are equally revelant for all security solutions with any AV. Yet, by using WD the user has greater chances to avoid update problems.:giggle:
For now, Microsoft did not introduce the new features, so the update will be the cosmetic one.
 
  • Like
  • +Reputation
Reactions: ForgottenSeer 85179, oldschool, shmu26 and 3 others
F

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
Vasudev said:
CofigureDefender doesn't respond and UI appears stuck! When you hover the tray icon you'll see Script Paused message.
Click to expand...
Im on windows 10 64 bit 1809 both on laptop (home) and main pc.No fast ring of any kind active. My main pc is ryzen 2600 with a ssd and when i change for exampe from wd "default settings" to wd "high security settings" in configure defender it still needs about 2-3++ seconds before i can leave via the "close" button.
Test: Change settings form "default settings" to wd "high security settings" or the other way around and instantly hammer the close button. You still have to wait for (whatever is going on in the background with powershell or whatever to finish).
On my slower laptop it takes more time for sure.
Maybe a progress bar or a reminder that changes are done in the background that take time (for the impatient users would be nice).
Or just give the "done" button a timer before it can be pressed. So you know you have to wait before you can leave since stuff is done under the hood.
Never thought about it till i read Vasudev. I just wondered why after changing stuff i coudn't get out when i pressed "close".
I remember seeing the "script paused" message on my lapop also atleast once.
 
Last edited:
  • Like
  • +Reputation
Reactions: oldschool, shmu26, Vasudev and 1 other person
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
Freki123 said:
...
Test: Change settings form "default settings" to wd "high security settings" or the other way around and instantly hammer the close button. You still have to wait for (whatever is going on in the background with powershell or whatever to finish).
On my slower laptop it takes more time for sure.
Maybe a progress bar or a reminder that changes are done in the background that take time (for the impatient users would be nice).
...
Click to expand...
212387


Added the splash alert when applying time-consuming changes.(y)
 
  • Like
Reactions: ForgottenSeer 85179, oldschool, Freki123 and 5 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
Andy Ful said:
View attachment 212387

Added the splash alert when applying time-consuming changes.(y)
Click to expand...
Hey, yours look way different than Configure defender I use? Maybe I'm lagging without any updates?

Freki123 said:
Im on windows 10 64 bit 1809 both on laptop (home) and main pc.No fast ring of any kind active. My main pc is ryzen 2600 with a ssd and when i change for exampe from wd "default settings" to wd "high security settings" in configure defender it still needs about 2-3++ seconds before i can leave via the "close" button.
Test: Change settings form "default settings" to wd "high security settings" or the other way around and instantly hammer the close button. You still have to wait for (whatever is going on in the background with powershell or whatever to finish).
On my slower laptop it takes more time for sure.
Maybe a progress bar or a reminder that changes are done in the background that take time (for the impatient users would be nice).
Or just give the "done" button a timer before it can be pressed. So you know you have to wait before you can leave since stuff is done under the hood.
Never thought about it till i read Vasudev. I just wondered why after changing stuff i coudn't get out when i pressed "close".
I remember seeing the "script paused" message on my lapop also atleast once.
Click to expand...
You need to disable Tamper protection to apply on 19h1 and above.
I have the same issue like yours.
Try updating to latest v1903 MP engine for x64: http://download.windowsupdate.com/d..._3a5ced97c9ece5b58b50eae4481302c0815f03eb.exe
For other arch x86 and ARM64
 
  • Like
Reactions: oldschool, Freki123, shmu26 and 2 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
  • Like
  • Applause
Reactions: Daniel Keller, oldschool, Freki123 and 4 others
F

Freki123

Level 16
Verified
Top Poster
Aug 10, 2013
753
@Andy Ful Perfect. Now all people will know changes are performed and patience is needed :)
@Vasudev For me it was about the unresponsive ui that you mentioned and since i had the same experience i wanted to chim in on that part.
Thanks for the links but i will take the windows "feature" updates as slow as i can and try to only get security updates. I Just wanted to give andy as much information as i could (since i never knew what would be relevant for a dev). I will stay with 1809 till windows forces a newer version on me :D (Or they develop a killer feature i coudn't life without).
 
  • Like
Reactions: harlan4096, shmu26, oldschool and 3 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
Freki123 said:
@Andy Ful Perfect. Now all people will know changes are performed and patience is needed :)
@Vasudev For me it was about the unresponsive ui that you mentioned and since i had the same experience i wanted to chim in on that part.
Thanks for the links but i will take the windows "feature" updates as slow as i can and try to only get security updates. I Just wanted to give andy as much information as i could (since i never knew what would be relevant for a dev). I will stay with 1809 till windows forces a newer version on me :D (Or they develop a killer feature i coudn't life without).
Click to expand...
The linked are posted for updated WD with all features included for all W10 editions except Tamper protect and other newer tech. Usually its forced fed via WU. It'll upgrade your engine and protection updates to latest upstream WD build w/ updated 0 day detection and BAFS features.
 
  • Like
  • Thanks
Reactions: Gandalf_The_Grey, Freki123, shmu26 and 2 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Andy Ful said:
"In Microsoft Defender ATP, the secure score is the path to achieving this. Through the top recommendations, we suggest a prioritized list for securing your devices, with a relative ranking of the overall impact to your security posture. We are also exploring ways to provide useful comparisons using this framework."
View attachment 212386

Introducing the security configuration framework: A prioritized guide to hardening Windows 10 - Microsoft Security

The top four recommendations can be applied on Windows 10 Home via ConfigureDefender (or PowerShell cmdlets) and Windows Updates.
Click to expand...
@Andy Ful what is your opinion of these security priorities, as far as home users are concerned? I mean, if you would publish an ad hoc version of the same for home users, what would the outline look like? The first two entries -- update the OS and enable ASR -- sound good to my ears. But after that, I dunno.
They also failed to detail which ASR rules are the more critical ones, and then they mentioned credential guard as a separate entry, and that is confusing.
 
  • Like
Reactions: AtlBo, Vasudev, harlan4096 and 3 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,484
shmu26 said:
@Andy Ful what is your opinion of these security priorities, as far as home users are concerned? I mean, if you would publish an ad hoc version of the same for home users, what would the outline look like? The first two entries -- update the OS and enable ASR -- sound good to my ears. But after that, I dunno.
They also failed to detail which ASR rules are the more critical ones, and then they mentioned credential guard as a separate entry, and that is confusing.
Click to expand...
Only top four entries are available for home users. Controlled Folder Access is important (if one does not use default-deny setup) to protect Desktop and data folders.
"Fix antivirus reporting..." is related to inform the user that WD is set improperly and can help to apply WD default settings + PUA protection + update WD security intelligence.
 
  • Like
Reactions: AtlBo, Vasudev, harlan4096 and 3 others
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
I have Network protection enabled, and it sporadically blocks a Windows store app called Microsoft To-Do.
Fortunately, the block does not seem to interfere with the functionality of the app. All it does is give me a good laugh. I assume that is the expected behavior of the user. Lol.

Your IT administrator has caused Windows Defender Exploit Guard to block a potentially dangerous network connection.
Detection time: 2019-04-15T10:10:14.744Z
User: S-1-5-21-3454378019-2768118530-1397810189-1001
Destination: http://185.151.204.12
Process Name: C:\Program Files\WindowsApps\Microsoft.Todos_1.54.2992.0_x64__8wekyb3d8bbwe\Todo.exe
 
  • Like
Reactions: Andy Ful, AtlBo, oldschool and 2 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,247
shmu26 said:
I have Network protection enabled, and it sporadically blocks a Windows store app called Microsoft To-Do.
Fortunately, the block does not seem to interfere with the functionality of the app. All it does is give me a good laugh. I assume that is the expected behavior of the user. Lol.

Your IT administrator has caused Windows Defender Exploit Guard to block a potentially dangerous network connection.
Detection time: 2019-04-15T10:10:14.744Z
User: S-1-5-21-3454378019-2768118530-1397810189-1001
Destination: http://185.151.204.12
Process Name: C:\Program Files\WindowsApps\Microsoft.Todos_1.54.2992.0_x64__8wekyb3d8bbwe\Todo.exe
Click to expand...
Looks like Exploit guard is correct. Haha... Just use Google Todo app, feels much better and syncs properly w/o worrying about App being EOL or made open source when MSFT lose interest.
 
  • Like
Reactions: Andy Ful, AtlBo, shmu26 and 1 other person
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Vasudev said:
Looks like Exploit guard is correct. Haha... Just use Google Todo app, feels much better and syncs properly w/o worrying about App being EOL or made open source when MSFT lose interest.
Click to expand...
Indeed, also Google blocks this url. Pretty strange that a Microsoft-made app is accessing such an url.
 
  • Like
Reactions: Vasudev, Andy Ful and AtlBo

Similar threads

Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
318
Views
34,091
Hard_Configurator Tools
Andy Ful
Andy Ful
Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
29,419
Hard_Configurator Tools
South Park
South Park
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Microsoft Defender Antivirus + Windows 11 Smart App Control (SAC)
Replies
44
Views
3,229
Video Reviews - Security and Privacy
tofargone
tofargone

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top