Hard_Configurator - Windows Hardening Configurator

[Chuck57]

Thank you oldschool and Andy. I'm an average user, maybe a step above average but far from advanced. I use HC with one of the Win 10 profiles, usually Win 10 recommended enhanced, and force myself to leave everything else alone. I know HC is for advanced users but have had no trouble using that setting only. In this case, I think I'll stay with WD and hardened windows firewall and avoid potential problems.

I'm the guy, after all, who tried a new firewall many years ago and managed to lock myself out of my computer by playing with the settings.

 

[Andy Ful]

Please, post here if you will encounter problems.

 

[South Park]

Thank you oldschool and Andy. I'm an average user, maybe a step above average but far from advanced. I use HC with one of the Windows 10 profiles, usually Windows 10 recommended enhanced, and force myself to leave everything else alone. I know HC is for advanced users but have had no trouble using that setting only. In this case, I think I'll stay with WD and hardened windows firewall and avoid potential problems.

I'm the guy, after all, who tried a new firewall many years ago and managed to lock myself out of my computer by playing with the settings.

I'm definitely not advanced -- I'm intermediate at best, but I've been using H_C on Recommended, with firewall hardening for LOLbins and C_D on High for about 3 weeks now and have had zero problems. I find it a very light setup.

(About firewalls, I once did the same thing as you. As a noob on Windows XP, I installed Zone Alarm Free while running Norton AV. I ended up having to reformat and reinstall Windows. I was grateful for for my CD-R backups! )

 

[Chuck57]

I'm definitely not advanced -- I'm intermediate at best, but I've been using H_C on Recommended, with firewall hardening for LOLbins and C_D on High for about 3 weeks now and have had zero problems. I find it a very light setup.

(About firewalls, I once did the same thing as you. As a noob on Windows XP, I installed Zone Alarm Free while running Norton AV. I ended up having to reformat and reinstall Windows. I was grateful for for my CD-R backups! )

Reformat and reinstall here too. I think I had Win 98, possibly 95. It was long ago. I avoided firewalls for a long time after. I was using an old firewall called Tiny. Not the current Tiny. It was an excellent firewall, and very good without tweaking but I couldn't leave it alone. I think I used the OEM CD, though it could have been a stack of 3 1/2 inch floppies to reinstall Windows.

 

[ForgottenSeer 823865]

I will tell you, except maybe the one in ESET, most 3rd party firewalls don't afford much more than what Windows Firewall offers.

 

[South Park]

Reformat and reinstall here too. I think I had Win 98, possibly 95. It was long ago. I avoided firewalls for a long time after. I was using an old firewall called Tiny. Not the current Tiny. It was an excellent firewall, and very good without tweaking but I couldn't leave it alone. I think I used the OEM CD, though it could have been a stack of 3 1/2 inch floppies to reinstall Windows.

After the Zone Alarm incident, I tried Sygate for a while but ended up using Kerio. I stopped using third-party firewalls when I switched to Windows 7. I agree w/ Umbra that the Windows firewall post-XP is good enough.

 

[ForgottenSeer 823865]

After the Zone Alarm incident, I tried Sygate for a while but ended up using Kerio. I stopped using third-party firewalls when I switched to Windows 7. I agree w/ Umbra that the Windows firewall post-XP is good enough.

yeah XP built-in Firewall suxx plenty, however the that came on Win7 was decent, and it didn't changed much since, some few improvement/fixes, but that is it.

 

[Andy Ful]

When testing DocumentsAniExploit tool on MS Office 365,

I noticed three interesting things:

1. If the ON2 setting is applied that triggers restrictions via Windows Policies, then these settings are not visible in MS Office applications' Security Center. But still, the policies work as they should.
2. If the ON1 setting is applied, then the applied restrictions are visible in MS Office applications' Security Center.
3. If the ON2 setting is applied and WD detected/quarantined the file when opening by MS Office, then after recovering it from the quarantine, MS Office will ignore the ON2 Windows Policies for this file.

From point 3, it follows, that MS Office 365 is in some way integrated with WD.

 

[Andy Ful]

Maybe because I installed MS Office from the Microsoft Store (other paths?) add the "MS Office" rules in FirewallHardening does nothing.
...

Could you please, check again the MS Office rules. I installed MS Office 365 Home from Microsoft Store and this is the normal desktop version. So, when you use MS Office <ADD> button in FirewallHardening - the right rules should be added. Please look at the top and the bottom of the Rule List.
When the new rule is added to the list, it is initially placed on the end of the list. If you will open the FirewallHardening tool again then the list is sorted by paths, and in the case of MS Office rules, they will be visible at the beginning of the list.

 

[Gandalf_The_Grey]

Could you please, check again the MS Office rules. I installed MS Office 365 Home from Microsoft Store and this is the normal desktop version. So, when you use MS Office <ADD> button in FirewallHardening - the right rules should be added. Please look at the top and the bottom of the Rule List.
When the new rule is added to the list, it is initially placed on the end of the list. If you will open the FirewallHardening tool again then the list is sorted by paths, and in the case of MS Office rules, they will be visible at the beginning of the list.

Still not working for me.
I can clear the Recommended H_C rules for better visibility, but ADD MS Office doesn't add any new rule.

LOLBins work and Adobe Acrobat Reader gives an error because Adobe Acrobat reader is not installed.
So I keep using Recommended H_C.

 

[Andy Ful]

Still not working for me.
...

Understand. Your installation has to be different. I would be grateful if you could check two things:

1. The localization of word.exe, mine is:
   C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
2. The value of the "Path" entry under the Windows Registry key:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe
   mine is:
   Path = C:\Program Files\Microsoft Office\Root\Office16\

Thank you.

Edit.
Microsoft Office 2019 and 365 (desktop versions) use the same paths and Registry keys as MS Office 2016.

 

[Gandalf_The_Grey]

Understand. Your installation has to be different. I would be grateful if you could check two things:

1. The localization of word.exe, mine is:
   C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
2. The value of the "Path" entry under the Windows Registry key:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe
   mine is:
   Path = C:\Program Files\Microsoft Office\Root\Office16\

Thank you.

Edit.
Microsoft Office 2019 and 365 (desktop versions) use the same paths and Registry keys as MS Office 2016.

It's not accessible to me.
It's in C:\Program Files\WindowsApps

 

[shmu26]

It's not accessible to me.
It's in C:\Program Files\WindowsApps

View attachment 232109

That's mighty weird. Maybe that's the Microsoft Store version that you are seeing, I mean the mobile version that you can install from the MIcrosoft store?

 

[oldschool]

@Gandalf_The_Grey @shmu26 This is a longshot, but maybe your privacy hacks or other system changes are having an effect.

 

[Gandalf_The_Grey]

That's mighty weird. Maybe that's the Microsoft Store version that you are seeing, I mean the mobile version that you can install from the MIcrosoft store?

Yes, that's the Microsoft Store Version, but the full version of Office 365 Home:

@oldschool No tweaks, it's factory-installed like this on the new Lenovo laptop of my daughter for example.

 

[Andy Ful]

Yes, that's the Microsoft Store Version, but the full version of Office 365 Home:
View attachment 232111

View attachment 232112
@oldschool No tweaks, it's factory-installed like this on the new Lenovo laptop of my daughter for example.

You have the "Microsoft Office Desktop Apps" with Office 365 license. This is the full Mobile version of Microsoft Office sometimes preinstalled on laptops. I did not test it.

You can check if DocumentsAntiExploit works by setting it to ON1 and looking at Word options:
Options >> Trust Center >> Trust Center Settings >> Macro settings
The option "Disable all macros without notification" should be ticked.

 

[shmu26]

You have the "Microsoft Office Desktop Apps" with Office 365 license. This is the full Mobile version of Microsoft Office sometimes preinstalled on laptops. I did not test it.

You can check if DocumentsAntiExploit works by setting it to ON1 and looking at Word options:
Options >> Trust Center >> Trust Center Settings >> Macro settings
The option "Disable all macros without notification" should be ticked.

If Gandalf has the mobile version, why does he need to worry about exploit protection?

 

[cryogent]

Hi @Andy Ful, H_C Recommended settings interferes in any way with USB / SATA access / transfer file settings?
I am asking because two days ago a i lost 2 microSD card in two different phones and my RAID1 becomesbroken for no reason.
Checking the logs of Win and H_C I didn't find anything relevant to this .
I know maybe what i asked is a stupid question but i want it to know if under the hud is something related, if not ..then i exclude H_C from debugging this problem.

 

[Andy Ful]

Hi @Andy Ful, H_C Recommended settings interferes in any way with USB / SATA access / transfer file settings?
...

Nothing, for sure.
Why do you seek the cause of breaking microSD cards from your phones in your computer? It is most probably related to the phone. I do not think that investigating the Windows Logs could help you. You probably need a low-level disk diagnostic tool.
It would be good to open a new thread about recovering the RAID - there can be several sources of your problem: malware, driver update, driver corruption, hardware failure, etc.

If Gandalf has the mobile version, why does he need to worry about exploit protection?

The mobile applications are Universal Windows Platform apps. They can support AppContainer or not. Most of the known 3rd party Office suites prepared for UWP, do not support AppContainer. The free Office Mobile version of Word, Excel, and PowerPoint work in the read mode (blocked macros, OLE, etc) in AppContainer.
I did not see/test the Microsoft Office Desktop Apps, so I do not know the details. Maybe, @Gandalf_The_Grey will help us, to know this.

 

[Gandalf_The_Grey]

The mobile applications are Universal Windows Platform apps. They can support AppContainer or not. Most of the known 3rd party Office suites prepared for UWP, do not support AppContainer. The free Office Mobile version of Word, Excel, and PowerPoint work in the read mode (blocked macros, OLE, etc) in AppContainer.
I did not see/test the Microsoft Office Desktop Apps, so I do not know the details. Maybe, @Gandalf_The_Grey will help us, to know this.

If you tell me how to check that, I will do it later today when returning home from work.