New Update DefenderUI by VoodooShield - Turn on Hidden Security Features of Microsoft Defender

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,603
Updated KeepSolid VPN to latest version. Could not access internet afterward. Disabling DUI CFA (ransomware protection) gave me access to the internet again. Enabled CFA afterward and all is sweet now, no more blocks.
DUI CFA blocked another upgrade via Patch My PC a few days back; I forgot which app: qBittorrent, LibreOffice or CCleaner. Is this normal behavior? Will I be required to disable CFA for any future app upgrades?
BTW, does ConfigureDefender MD CFA behave the same?
Controlled Folder Access behaves the same with DefenderUI and ConfigureDefender.
At the moment you can't see the block history or allow an app with DefenderUI; the options do not work yet.
You still need Windows Security for that:
You can see the block history or allow an app with ConfigureDefender.
It depends on the app (and your system) whether an update or upgrade is blocked by CFA; most of the time it is not.
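
Block history and per-app allow-listing for Controlled Folder Access can also be handled from PowerShell with Microsoft Defender's own cmdlets, so CFA does not have to be switched off for an update. This is an added example, not part of the thread and not code from DefenderUI or ConfigureDefender; the application path is a placeholder, and the event data field names (`Process Name`, `Path`) are an assumption about the Defender operational log layout.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session.

function Get-CfaBlockHistory {
    param([int]$Days = 7)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1123, 1124          # 1123 = CFA blocked, 1124 = CFA audited
        StartTime = (Get-Date).AddDays(-$Days)
    }
    # No matching events is a normal result, so suppress that error.
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Flatten the named EventData fields into a lookup table.
            $fields = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
                if ($d.Name) { $fields[$d.Name] = $d.'#text' }
            }
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Mode    = if ($_.Id -eq 1123) { 'Blocked' } else { 'Audited' }
                # Field names are an assumption; inspect $_.Message if empty.
                Process = $fields['Process Name']
                Target  = $fields['Path']
            }
        }
}

# 1. Which processes did CFA stop in the last two weeks, and how often?
Get-CfaBlockHistory -Days 14 |
    Group-Object Process |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# 2. Current CFA mode: 0 = disabled, 1 = enabled (block), 2 = audit only.
(Get-MpPreference).EnableControlledFolderAccess

# 3. Allow one trusted executable instead of disabling CFA.
$app = 'C:\Program Files\ExampleVendor\updater.exe'   # placeholder path
if (Test-Path -LiteralPath $app -PathType Leaf) {
    Add-MpPreference -ControlledFolderAccessAllowedApplications $app
}

# 4. Review the allow list; remove entries that are no longer needed with
#    Remove-MpPreference -ControlledFolderAccessAllowedApplications <path>.
(Get-MpPreference).ControlledFolderAccessAllowedApplications
```

Allow-list entries are matched by full path, so keep the list short and limited to executables in locations that standard users cannot write to.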
 

Gandalf_The_Grey

Another (German) user reports that the regional issue is resolved, no more crash or freeze (y)
Same here.
No more crash, or freeze on my German W10.
 

danb

From VoodooShield
Thread author
Verified
Top Poster
Developer
Well-known
May 31, 2017
1,662
Updated KeepSolid VPN to latest version. Could not access internet afterward. Disabling DUI CFA (ransomware protection) gave me access to the internet again. Enabled CFA afterward and all is sweet now, no more blocks.
DUI CFA blocked another upgrade via Patch My PC a few days back; I forgot which app: qBittorrent, LibreOffice or CCleaner. Is this normal behavior? Will I be required to disable CFA for any future app upgrades?
BTW, does ConfigureDefender MD CFA behave the same?
It looks like @Gandalf_The_Grey already answered this, thank you guys!
 

danb

@danb - Installed just today - Very Impressive! MicroDefender settings never looked more refined, convenient or better.

Many thanks for a most useful interface and especially the effort put into it.
Thank you @EASTER, I appreciate that!

It is actually a lot of fun building this app, and we are getting pretty close to wrapping it up for now. We can always add features later, but I do not want to add features that no one will ever use.
 

danb

Hey guys,

Here is the latest. I have added some of the new features, but still have not worked on Manage Exclusions or Notification Settings.

While organizing the new features, I realized that a lot of them dealt specifically with scanning, so I moved all of these to the Advanced tab, which we can rename to “Scan Settings” at some point if we want. Although if we do this, we will not be able to add anything other than features related to scanning. And if we do rename the Advanced tab, we might want to rename the Basic tab to “Features”. I kinda like it the way it is, but I was curious what you guys thought.

Also, I have not added any of the new features to the Profiles yet because I have not had time to figure out what to set each one for each profile. Default and Aggressive are easy to figure out because they are already defined, but Recommended and Interactive might take a little more thought.

There were a lot of changes in this version, so if I broke something please let me know!

DefenderUI 0.64 beta
SHA-256: d8b98cc7591d9bf6a878e4a3e2f368c310d6648d56702069ba3f14695c14fc80


Thank you guys!
 

Gandalf_The_Grey

DefenderUI 0.64 beta is working great here (y)

In the basic tab we have UI Lockdown and Privacy mode.
What is the function of those options?

In the advanced tab we have an option to enable file hash computation.
If I understand this article from Bleeping Computer correctly it is not an option meant for home users.
Microsoft Defender Antivirus provides a new setting in Windows 10 2004 named 'Enable file hash computation feature' that allows admins to force it to "compute file hashes for every executable file that is scanned, if it wasn’t previously computed" to "improve blocking for custom indicators in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)."

However, Redmond warns that in some situations (for instance when users frequently update or install apps) this new feature can have a performance cost.

"If you chose to enable this setting, we recommend throttling the deployment to ensure you measure the impact on your users’ machines," Microsoft says.
So I'm not sure if we need this option :unsure:
 

[correlate]

Level 18
Top Poster
Well-known
May 4, 2019
801
Hey guys,

Here is the latest. I have added some of the new features, but still have not worked on Manage Exclusions or Notification Settings.

While organizing the new features, I realized that a lot of them dealt specifically with scanning, so I moved all of these to the Advanced tab, which we can rename to “Scan Settings” at some point if we want. Although if we do this, we will not be able to add anything other than features related to scanning. And if we do rename the Advanced tab, we might want to rename the Basic tab to “Features”. I kinda like it the way it is, but I was curious what you guys thought.

Also, I have not added any of the new features to the Profiles yet because I have not had time to figure out what to set each one for each profile. Default and Aggressive are easy to figure out because they are already defined, but Recommended and Interactive might take a little more thought.

There were a lot of changes in this version, so if I broke something please let me know!

DefenderUI 0.64 beta
SHA-256: d8b98cc7591d9bf6a878e4a3e2f368c310d6648d56702069ba3f14695c14fc80


Thank you guys!
I wonder if it is possible to add a feature: transfer of malicious programs for isolation and removal of quarantine.
 

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
Trying to work out how to allow apps on CFA as per @Gandalf_The_Grey suggestion, I accidentally found out what UI lockdown does.
It hides Virus & Threat Protection from Windows Security settings.
I had to disable UI Lockdown to access protection folders in Virus & threat.
 

Attachments: Windows Security.png, W S 2.png

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
And if we do rename the Advanced tab, we might want to rename the Basic tab to “Features”. I kinda like it the way it is, but I was curious what you guys thought.
Tabs have the role of a table of contents, but we don't think their name is particular enough to be of much concern.
For me, an excellent UI is one that allows me to understand where the settings I'm looking for are located by feel, without any knowledge; just having it located next to Advanced is enough for me to understand it.:)(y)
 

danb

DefenderUI 0.64 beta is working great here (y)

In the basic tab we have UI Lockdown and Privacy mode.
What is the function of those options?

In the advanced tab we have an option to enable file hash computation.
If I understand this article from Bleeping Computer correctly it is not an option meant for home users.

So I'm not sure if we need this option :unsure:
I renamed some of the new options so it makes sense... you will see ;).

I actually read that article (or one very similar) while researching which features to add, and truly that might have made sense like 10-20 years ago. But now with multicore processors, I am certain the difference is negligible. I need to look into this feature a little more, but if the process is only identified by path, and not hash, then we for sure need this feature. If MD also identifies the file by file size, that would certainly be better than simply identifying by path, but either way I think this is a worthwhile feature, and one I might add to some of the profiles as a standard / recommended option. We can play around with it and see if it really does show a performance hit... I highly doubt it does. I have been playing with these types of things for 10 years now, so I have a pretty good idea how long it takes to calculate a hash on a file ;). Thank you!
 

danb

+ 1

DUI autoupdated this morning.
BTW
Desktop Icon right click does not open Settings UI anymore
Yeah, I am still messing with the desktop icon. The issue is that when the user closes the main DefenderUI window, it has a fade out timer, then changes visibility to disabled. So I can make the icon open the main window, but it is not visible ;). Thank you!
 

danb

Tabs have the role of a table of contents, but we don't think their name is particular enough to be of much concern.
For me, an excellent UI is one that allows me to understand where the settings I'm looking for are located by feel, without any knowledge; just having it located next to Advanced is enough for me to understand it.:)(y)
Yeah, and something tells me that we are going to be adding features and making changes for quite a while, so I am not going to stress over it ;).
 

danb

Hey guys,

After a visit to the Renaissance festival with Gracie, it all made sense how the new features fit into the current profiles. There are a few features that do not change when the profile is changed, I will have to make a list, but most of them do.

Once again, there were a lot of changes so if I broke anything please let me know. We are at the point where there should not be any other version that has this many changes all at once... we are in GREAT shape.

DefenderUI 0.67 beta
SHA-256: f512ce62f762fea8dff3969aa4af0ed543a8d5f672170be686874906614b9388

Thank you guys!

BTW, Gracie LOVED the RF. We had not been there for 2 years and she absolutely freaked out when she realized where we were going ;).
 

Gandalf_The_Grey

I renamed some of the new options so it makes sense... you will see ;).

I actually read that article (or one very similar) while researching which features to add, and truly that might have made sense like 10-20 years ago. But now with multicore processors, I am certain the difference is negligible. I need to look into this feature a little more, but if the process is only identified by path, and not hash, then we for sure need this feature. If MD also identifies the file by file size, that would certainly be better than simply identifying by path, but either way I think this is a worthwhile feature, and one I might add to some of the profiles as a standard / recommended option. We can play around with it and see if it really does show a performance hit... I highly doubt it does. I have been playing with these types of things for 10 years now, so I have a pretty good idea how long it takes to calculate a hash on a file ;). Thank you!
Thanks Dan, for your explanation and the renaming of those options (y)
It is perfectly clear now.
 

danb

Hey guys,

Here is the latest DefenderUI. We are getting close, but there is still a little more to do for the first phase. The first phase should be wrapped up in a week or so (depending on how long the language translations take), then DefenderUI 1.00 will be ready to release to the public.

DefenderUI 2.00 will implement kernel mode hardening tools (blocking LOLbins, scripts, suspicious processes, child processes of web apps, etc...) along with firewall stuff. We might actually release this version as a separate version for those who do not need these types of features. It will probably take 2 or so months for 2.00.

DefenderUI 0.70 beta
SHA-256: 923e23117b9a9e916a118fc3630ce5852afd4c9164adba27cf19395c42e31304

Thank you,

Dan
 

VecchioScarpone

Hey guys,

Here is the latest DefenderUI. We are getting close, but there is still a little more to do for the first phase. The first phase should be wrapped up in a week or so (depending on how long the language translations take), then DefenderUI 1.00 will be ready to release to the public.

DefenderUI 2.00 will implement kernel mode hardening tools (blocking LOLbins, scripts, suspicious processes, child processes of web apps, etc...) along with firewall stuff. We might actually release this version as a separate version for those who do not need these types of features. It will probably take 2 or so months for 2.00.

DefenderUI 0.70 beta
SHA-256: 923e23117b9a9e916a118fc3630ce5852afd4c9164adba27cf19395c42e31304

Thank you,

Dan
I miss the DUI Windows Update button. I found it quicker to access MD settings that way.
But that is just me I guess...
 

Attachments: Win Up button.png

danb

I miss the DUI Windows Update button. I found it quicker to access MD settings that way.
But that is just me I guess...
Oops, sorry about that. I was moving stuff around and forgot to put it where it goes. It is fixed in this version, along with a few small bugs in the exceptions. Light mode is a little better now... I am still working on it. I should just hire an artist to choose the colors.

DefenderUI 0.71 beta
SHA-256: 3ed81908d79fe3307ae86731b73e11cab3798856bfc8cd99f91e6bf2b1502311

BTW, I am delaying the auto upgrade a few hours each time, just to make sure it does not download the previous cached version and put DefenderUI into an infinite install loop. I purge the cache, but even when I do it can still take some time.

Thank you!
 
