Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Firmware Protection Windows 1809 - How to turn it on?
Message
<blockquote data-quote="Eddie Morra" data-source="post: 771087"><p>Thanks to [USER=37647]@shmu26[/USER] and [USER=11794]@overdivine[/USER] for sharing some files with me which belong to their Windows 10 1809 environment... it is really appreciated and saved me some time.</p><p></p><p>I've taken a look and I've found a lead which may be the solution. Remember though, anything that happens by enabling this silently-snuck in feature which is still undocumented by Microsoft is the fault of anyone but me, and there is no guarantee that the feature even works yet, nor that my "solution" will work (it is untested and I do not plan on testing it anytime soon - do it at your own free will if you understand the risks).</p><p></p><p>There's a Windows Service named "<em>Windows Defender Security Center Service</em>" on Windows 10 and this is for a Win32 process named "<em>SecurityHealthService.exe</em>" (located under the System32 directory). This process is going to check the configurations for features like <em>Device Guard </em>and will do X and X depending on the configuration.</p><p></p><p>When I took a look at the <em>SecurityHealthService.exe</em> on my Windows 10 1803 environment, I could not find any evidence of the Windows Defender System Guard feature being referenced. However, when I did some investigation into the version of <em>SecurityHealthService.exe</em> from the environment of 1809 users, I did find evidence of the feature being referenced.</p><p></p><p>Below is a screenshot.</p><p></p><p>[ATTACH=full]199237[/ATTACH]</p><p></p><p>If the key does not already exist, then create the following.</p><p></p><p><em>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard</em> -> <strong>Enabled </strong>(DWORD - set to the value of 1).</p><p></p><p>After creating/modifying the key, reboot your system and then re-check if the feature is enabled from the Windows Defender Settings area.</p><p></p><p><strong>You should make sure you have a backup before doing this, just in case my solution works and the feature is buggy... the last thing you want is to toast your environment and not have a recovery route because you enabled an undocumented Windows Defender feature.</strong></p></blockquote><p></p>
[QUOTE="Eddie Morra, post: 771087"] Thanks to [USER=37647]@shmu26[/USER] and [USER=11794]@overdivine[/USER] for sharing some files with me which belong to their Windows 10 1809 environment... it is really appreciated and saved me some time. I've taken a look and I've found a lead which may be the solution. Remember though, anything that happens by enabling this silently-snuck in feature which is still undocumented by Microsoft is the fault of anyone but me, and there is no guarantee that the feature even works yet, nor that my "solution" will work (it is untested and I do not plan on testing it anytime soon - do it at your own free will if you understand the risks). There's a Windows Service named "[I]Windows Defender Security Center Service[/I]" on Windows 10 and this is for a Win32 process named "[I]SecurityHealthService.exe[/I]" (located under the System32 directory). This process is going to check the configurations for features like [I]Device Guard [/I]and will do X and X depending on the configuration. When I took a look at the [I]SecurityHealthService.exe[/I] on my Windows 10 1803 environment, I could not find any evidence of the Windows Defender System Guard feature being referenced. However, when I did some investigation into the version of [I]SecurityHealthService.exe[/I] from the environment of 1809 users, I did find evidence of the feature being referenced. Below is a screenshot. [ATTACH=full]199237[/ATTACH] If the key does not already exist, then create the following. [I]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard[/I] -> [B]Enabled [/B](DWORD - set to the value of 1). After creating/modifying the key, reboot your system and then re-check if the feature is enabled from the Windows Defender Settings area. [B]You should make sure you have a backup before doing this, just in case my solution works and the feature is buggy... the last thing you want is to toast your environment and not have a recovery route because you enabled an undocumented Windows Defender feature.[/B] [/QUOTE]
Insert quotes…
Verification
Post reply
Top