Hard_Configurator - Windows Hardening Configurator

Chuck57

Level 9
Verified
Well-known
Oct 22, 2018
433
Thank you oldschool and Andy. I'm an average user, maybe a step above average but far from advanced. I use HC with one of the Win 10 profiles, usually Win 10 recommended enhanced, and force myself to leave everything else alone. I know HC is for advanced users but have had no trouble using that setting only. In this case, I think I'll stay with WD and hardened windows firewall and avoid potential problems.

I'm the guy, after all, who tried a new firewall many years ago and managed to lock myself out of my computer by playing with the settings.
 

South Park

Level 9
Verified
Well-known
Jun 23, 2018
431
Thank you oldschool and Andy. I'm an average user, maybe a step above average but far from advanced. I use HC with one of the Windows 10 profiles, usually Windows 10 recommended enhanced, and force myself to leave everything else alone. I know HC is for advanced users but have had no trouble using that setting only. In this case, I think I'll stay with WD and hardened windows firewall and avoid potential problems.

I'm the guy, after all, who tried a new firewall many years ago and managed to lock myself out of my computer by playing with the settings.
I'm definitely not advanced -- I'm intermediate at best, but I've been using H_C on Recommended, with firewall hardening for LOLbins and C_D on High for about 3 weeks now and have had zero problems. I find it a very light setup.

(About firewalls, I once did the same thing as you. As a noob on Windows XP, I installed Zone Alarm Free while running Norton AV. I ended up having to reformat and reinstall Windows. I was grateful for for my CD-R backups! :D )
 

Chuck57

Level 9
Verified
Well-known
Oct 22, 2018
433
I'm definitely not advanced -- I'm intermediate at best, but I've been using H_C on Recommended, with firewall hardening for LOLbins and C_D on High for about 3 weeks now and have had zero problems. I find it a very light setup.

(About firewalls, I once did the same thing as you. As a noob on Windows XP, I installed Zone Alarm Free while running Norton AV. I ended up having to reformat and reinstall Windows. I was grateful for for my CD-R backups! :D )

Reformat and reinstall here too. I think I had Win 98, possibly 95. It was long ago. I avoided firewalls for a long time after. I was using an old firewall called Tiny. Not the current Tiny. It was an excellent firewall, and very good without tweaking but I couldn't leave it alone. I think I used the OEM CD, though it could have been a stack of 3 1/2 inch floppies to reinstall Windows.
 

South Park

Level 9
Verified
Well-known
Jun 23, 2018
431
Reformat and reinstall here too. I think I had Win 98, possibly 95. It was long ago. I avoided firewalls for a long time after. I was using an old firewall called Tiny. Not the current Tiny. It was an excellent firewall, and very good without tweaking but I couldn't leave it alone. I think I used the OEM CD, though it could have been a stack of 3 1/2 inch floppies to reinstall Windows.
After the Zone Alarm incident, I tried Sygate for a while but ended up using Kerio. I stopped using third-party firewalls when I switched to Windows 7. I agree w/ Umbra that the Windows firewall post-XP is good enough.
 
F

ForgottenSeer 823865

After the Zone Alarm incident, I tried Sygate for a while but ended up using Kerio. I stopped using third-party firewalls when I switched to Windows 7. I agree w/ Umbra that the Windows firewall post-XP is good enough.
yeah XP built-in Firewall suxx plenty, however the that came on Win7 was decent, and it didn't changed much since, some few improvement/fixes, but that is it.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
When testing DocumentsAniExploit tool on MS Office 365,

DocumentsAntiExploitTool.png


I noticed three interesting things:
  1. If the ON2 setting is applied that triggers restrictions via Windows Policies, then these settings are not visible in MS Office applications' Security Center. But still, the policies work as they should.
  2. If the ON1 setting is applied, then the applied restrictions are visible in MS Office applications' Security Center.
  3. If the ON2 setting is applied and WD detected/quarantined the file when opening by MS Office, then after recovering it from the quarantine, MS Office will ignore the ON2 Windows Policies for this file.
From point 3, it follows, that MS Office 365 is in some way integrated with WD.(y)
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Maybe because I installed MS Office from the Microsoft Store (other paths?) add the "MS Office" rules in FirewallHardening does nothing.
...
Could you please, check again the MS Office rules. I installed MS Office 365 Home from Microsoft Store and this is the normal desktop version. So, when you use MS Office <ADD> button in FirewallHardening - the right rules should be added. Please look at the top and the bottom of the Rule List.
When the new rule is added to the list, it is initially placed on the end of the list. If you will open the FirewallHardening tool again then the list is sorted by paths, and in the case of MS Office rules, they will be visible at the beginning of the list. (y)
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Could you please, check again the MS Office rules. I installed MS Office 365 Home from Microsoft Store and this is the normal desktop version. So, when you use MS Office <ADD> button in FirewallHardening - the right rules should be added. Please look at the top and the bottom of the Rule List.
When the new rule is added to the list, it is initially placed on the end of the list. If you will open the FirewallHardening tool again then the list is sorted by paths, and in the case of MS Office rules, they will be visible at the beginning of the list. (y)
Still not working for me.
I can clear the Recommended H_C rules for better visibility, but ADD MS Office doesn't add any new rule.
Schermopname (13).png

LOLBins work and Adobe Acrobat Reader gives an error because Adobe Acrobat reader is not installed.
So I keep using Recommended H_C.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Still not working for me.
...
Understand. Your installation has to be different. I would be grateful if you could check two things:
  1. The localization of word.exe, mine is:
    C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
  2. The value of the "Path" entry under the Windows Registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe
    mine is:
    Path = C:\Program Files\Microsoft Office\Root\Office16\
Thank you.

Edit.
Microsoft Office 2019 and 365 (desktop versions) use the same paths and Registry keys as MS Office 2016.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
Understand. Your installation has to be different. I would be grateful if you could check two things:
  1. The localization of word.exe, mine is:
    C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
  2. The value of the "Path" entry under the Windows Registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Winword.exe
    mine is:
    Path = C:\Program Files\Microsoft Office\Root\Office16\
Thank you.

Edit.
Microsoft Office 2019 and 365 (desktop versions) use the same paths and Registry keys as MS Office 2016.
It's not accessible to me.
It's in C:\Program Files\WindowsApps

Aantekening 2020-01-13 194039.jpg
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
That's mighty weird. Maybe that's the Microsoft Store version that you are seeing, I mean the mobile version that you can install from the MIcrosoft store?
Yes, that's the Microsoft Store Version, but the full version of Office 365 Home:
Aantekening 2020-01-13 200416.jpg


Aantekening 2020-01-13 200415.jpg

@oldschool No tweaks, it's factory-installed like this on the new Lenovo laptop of my daughter for example.
 

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Yes, that's the Microsoft Store Version, but the full version of Office 365 Home:
View attachment 232111

View attachment 232112
@oldschool No tweaks, it's factory-installed like this on the new Lenovo laptop of my daughter for example.
You have the "Microsoft Office Desktop Apps" with Office 365 license. This is the full Mobile version of Microsoft Office sometimes preinstalled on laptops. I did not test it.

You can check if DocumentsAntiExploit works by setting it to ON1 and looking at Word options:
Options >> Trust Center >> Trust Center Settings >> Macro settings
The option "Disable all macros without notification" should be ticked.
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You have the "Microsoft Office Desktop Apps" with Office 365 license. This is the full Mobile version of Microsoft Office sometimes preinstalled on laptops. I did not test it.

You can check if DocumentsAntiExploit works by setting it to ON1 and looking at Word options:
Options >> Trust Center >> Trust Center Settings >> Macro settings
The option "Disable all macros without notification" should be ticked.
If Gandalf has the mobile version, why does he need to worry about exploit protection?
 

cryogent

Level 7
Verified
Well-known
Oct 1, 2016
307
Hi @Andy Ful, H_C Recommended settings interferes in any way with USB / SATA access / transfer file settings?
I am asking because two days ago a i lost 2 microSD card in two different phones and my RAID1 becomesbroken for no reason.
Checking the logs of Win and H_C I didn't find anything relevant to this .
I know maybe what i asked is a stupid question but i want it to know if under the hud is something related, if not ..then i exclude H_C from debugging this problem.
 
Last edited:
  • Like
Reactions: Andy Ful

Andy Ful

From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Hi @Andy Ful, H_C Recommended settings interferes in any way with USB / SATA access / transfer file settings?
...
Nothing, for sure.(y)
Why do you seek the cause of breaking microSD cards from your phones in your computer? It is most probably related to the phone. I do not think that investigating the Windows Logs could help you. You probably need a low-level disk diagnostic tool.
It would be good to open a new thread about recovering the RAID - there can be several sources of your problem: malware, driver update, driver corruption, hardware failure, etc.

If Gandalf has the mobile version, why does he need to worry about exploit protection?
The mobile applications are Universal Windows Platform apps. They can support AppContainer or not. Most of the known 3rd party Office suites prepared for UWP, do not support AppContainer. The free Office Mobile version of Word, Excel, and PowerPoint work in the read mode (blocked macros, OLE, etc) in AppContainer.
I did not see/test the Microsoft Office Desktop Apps, so I do not know the details. Maybe, @Gandalf_The_Grey will help us, to know this.:)(y)
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
The mobile applications are Universal Windows Platform apps. They can support AppContainer or not. Most of the known 3rd party Office suites prepared for UWP, do not support AppContainer. The free Office Mobile version of Word, Excel, and PowerPoint work in the read mode (blocked macros, OLE, etc) in AppContainer.
I did not see/test the Microsoft Office Desktop Apps, so I do not know the details. Maybe, @Gandalf_The_Grey will help us, to know this.:)(y)
If you tell me how to check that, I will do it later today when returning home from work.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top