ConfigureDefender utility for Windows 10/11

Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
I chose the Default Profile and rebooted the system. The default profile resolved the issue, and now everything works properly.
Click to expand...
It is strange. Normally, the Default Profile turns OFF the PUA protection, so "App & browser control" is not fully turned ON. :unsure:
The warning disappears when one press "Dismiss":

1685286405573.png


I think that when you apply the HIGH Protection Level now, then everything should be OK.
 
  • Like
Reactions: Nevi, Zero Knowledge and simmerskool
wat0114

wat0114

Level 13
Verified
Top Poster
Well-known
Apr 5, 2021
619
I have found that anything developed by Andy Ful, I use Hard_Configurator, is first rate, and never has given me issues. Recently, I setup Windows 10, 22H2, on my wife's newest laptop, with latest Beta version of H_C, and it runs flawlessly (y) Not at all surprised.
 
  • Like
  • Applause
Reactions: Nevi, Zero Knowledge, piquiteco and 5 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,867
rhythm said:
@Andy Ful

Why not remove hxxps:// hard-configurator from the opening post?

What Office products does ASR support?

I have Windows Update set to "notify for download". How do I get Defender updates independent of WU?
Click to expand...
I kind of agree. I had the website bookmarked and didn’t realize it was decommissioned. It has a lovely redirect to a virus/adware laden site. Just was testing some dns response time and clicked it. Oops. Haha.
 
  • Like
  • Sad
Reactions: Nevi, Zero Knowledge, simmerskool and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
@Andy Ful

Why not remove hxxps:// hard-configurator from the opening post?

What Office products does ASR support?

I have Windows Update set to "notify for download". How do I get Defender updates independent of WU?
Click to expand...
The link has been removed. Thanks.
MS Office (for any rule that includes the "office" term in its description).
Use Security Center to update Defender manually or right-click on the Defender icon (on the system tray) and choose the appropriate option.
 
  • Like
Reactions: Nevi, Zero Knowledge, ForgottenSeer 100397 and 3 others
F

ForgottenSeer 100397

Block executable files from running unless they meet a prevalence, age, or trusted list criteria

1. Does this also pertain to installed programs?
2. Will adding the blocked program to Defender's exclusion list bypass this protection?
3. Can setting the protection to "Warn" (to allow) and then back to "ON" permanently allow the blocked program?
4. Will moving the CD executable require me to reapply the protection levels?
 
Last edited by a moderator:
  • Like
Reactions: Gandalf_The_Grey
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
Block executable files from running unless they meet a prevalence, age, or trusted list criteria

1. Does this also pertain to installed programs?
2. Will adding the blocked program to Defender's exclusion list bypass this protection?
3. Can setting the protection to "Warn" (to allow) and then back to "ON" permanently allow the blocked program?
4. Will moving the CD executable require me to reapply the protection levels?
Click to expand...
  1. Yes.
  2. No. But, you can use the exclusions for ASR rules.
  3. Bypassing Warn, should allow the file for 24 hours. But, it is also possible that during this time, Microsoft can whitelist the file.
  4. If you apply the settings via ConfigureDefender, they are written into the Windows Registry as native Defender settings. ConfigureDefender is not required to keep them working.
 
  • Like
Reactions: Nevi, Mercenary, ForgottenSeer 100397 and 4 others
F

ForgottenSeer 100397

Is a system restart and clicking Refresh necessary for CD with individual settings changed?

Do settings like these or others impact Windows Update?
"Block executable files from running unless they meet prevalence, age, or trusted list criteria."

I am replacing ON with Warn (where available) while using High Protection. Do you have any suggestions?

Does ON notify me about blocking?
 
Last edited by a moderator:
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
Is a system restart and clicking Refresh necessary for CD with individual settings changed?
Click to expand...

Yes. That is why It is noted in the Configuredefender HELP.

1688551229801.png


Anyway, there are a few settings that do not require Windows Restart, like SmartScreen settings.
The REFRESH option only checks if the new settings were properly written in the Registry - some AVs can silently block such changes. So if you are sure that nothing tampers with ConfigureDefender, then the REFRESH can be skipped.


rhythm said:
Do settings like these or others impact Windows Update?
"Block executable files from running unless they meet prevalence, age, or trusted list criteria."
Click to expand...

No. But there was a single event when one of the ASR rules for MS Office caused a mess on the users' Desktops (shortcuts killed by Defender after Defender update).

rhythm said:
I am replacing ON with Warn (where available) while using High Protection. Do you have any suggestions?
Click to expand...

It is OK.

rhythm said:
Does ON notify me about blocking?
Click to expand...

Mostly Yes, but not always.
 
Last edited:
  • Like
  • +Reputation
Reactions: Nevi, Zero Knowledge, simmerskool and 4 others
piquiteco

piquiteco

Level 14
Verified
Top Poster
Well-known
Oct 16, 2022
624
Andy Ful said:
No. But there was a single event when one of the ASR rules for MS Office caused a mess on the users' Desktops (shortcuts killed by Defender after Defender update).
Click to expand...
If I still have a good memory, this happened on January 13, 2023 on a Friday (the 13th) lol, when my desktop shortcuts started disappearing after a Defender update that Microsoft pushed on users, this day will be unforgettable lol. :LOL:
 
  • Like
Reactions: Nevi, Zero Knowledge, simmerskool and 3 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
ConfigureDefender 3.1.1.1 with an updated digital certificate:

No changes as compared to ver 3.0.1.1, except for adding the updated certificate. In the ConfigureDefender window, this version is still described as 3.0.1.1. The code of x86 and x64 executables is identical in versions 3.0.1.1 and 3.1.1.1. But, because of adding new certificates, the file hashes are different.
 
  • Like
  • +Reputation
Reactions: Nevi, Zero Knowledge, Mercenary and 5 others
F

ForgottenSeer 100397

@Andy Ful

I think that the “High” Protection Level with “Block Executables From Running” is very secure and can handle zero-day threats. This protection is as good as, or even better than, the default protection from third-party vendors such as Kaspersky, Eset, or Bitdefender. What is your response?

Does the "Block Executables" rule allow or block program updates if I exclude the program's folder under ASR Exclusions?
 
  • Like
Reactions: piquiteco and Andy Ful
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
@Andy Ful
...
Does the "Block Executables" rule allow or block program updates if I exclude the program's folder under ASR Exclusions?
Click to expand...
Yes, this rule can block non-prevalent applications, usually for about two days. You can set this rule to 'Warn' and this will allow unblocking the application for 24 hours.
 
  • +Reputation
  • Like
Reactions: piquiteco, ForgottenSeer 100397, ErzCrz and 1 other person
F

ForgottenSeer 100397

@Andy Ful

Can the “Block Executables” rule handle only EXE files?

My issue is with the Defender update, since I have Windows Update set to “notify” me. I attempted to use Task Scheduler for the automatic update, but it didn’t work for Defender. I haven’t tried Group Policy yet. Should I avoid using GP for Defender with CD?
 
Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,476
rhythm said:
@Andy Ful

Can the “Block Executables” rule handle only EXE files?
Click to expand...

The ASR rule "Block executable files from running unless they meet a prevalence, age, or trusted list criteria" blocks *.exe files.

rhythm said:
My issue is with the Defender update, since I have Windows Update set to “notify” me. I attempted to use Task Scheduler for the automatic update, but it didn’t work for Defender.
Click to expand...
I probably worked, but I never managed to update the new signatures more frequently than 2 or three times a day. Maybe this can be different in the paid versions of Microsoft Defender.

rhythm said:
I haven’t tried Group Policy yet. Should I avoid using GP for Defender with CD?
Click to expand...

You can use GPO, when the settings are unrelated to Realtime Protection, File scanning, ASR rules, Controlled Folder Access, and Network Protection.
 
  • Like
Reactions: oldschool, piquiteco, ForgottenSeer 100397 and 1 other person
F

ForgottenSeer 100397

The signature version in Windows Security matches the Defender update available in Windows Update. It appears Windows Update installs the Defender update but doesn’t update History or remove the listed update until the next run.
 
  • Like
Reactions: piquiteco, Andy Ful and oldschool

Similar threads

Andy Ful
    • Like
    • +Reputation
    • Thanks
  • Sticky
Serious Discussion WHHLight - simplified application control for Windows Home and Pro.
Replies
318
Views
34,062
Hard_Configurator Tools
Andy Ful
Andy Ful
Andy Ful
    • +Reputation
    • Like
    • Applause
New Update Testing Windows Hybrid Hardening (new hardening application).
Replies
253
Views
29,408
Hard_Configurator Tools
South Park
South Park
Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Microsoft Defender Antivirus + Windows 11 Smart App Control (SAC)
Replies
44
Views
3,213
Video Reviews - Security and Privacy
tofargone
tofargone

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top