)
That's an interesting thread. It sounds like the exact WD version that is delivered is not the same for all users. It's a staggered rollout or something like that.It seems like im not completely alone in this.
Like post 11 and 15 (It's about them having the same version as I,not about the problems the thread was about
I hope it's not to offtopic but since WD is a mainpart of H_C I hope its ok?
It is from my real system on Windows 10 Pro 64-bit ver. 1909:Are you on the insider channel or so by chance?
I tried to find info on MS Defender versions on the internet and from what I found 4.18.2001.x seems to be ok (doc is dated 03/04/2020).
And I'm on c:\programdata\microsoft\windows defender\platform\4.18.2001.10-0\msmpeng.exe
Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint
Manage how Microsoft Defender Antivirus receives protection and product updates.docs.microsoft.com
I just wanted to know if got a realengineplatform/client problem since WD is my main av with H_C
I am not sure about your case, but updating the WD platform can generally depend on other Windows Updates.
There are several kinds of WD updates. I have only a few WD platform updates from December 2020. Most of them are under the 'Definition Updates' tab in the History of Windows Updates (4.18.2001.7, 4.18.2003.4, 4.18.2003.5, 4.18.2003.6). But, the WD platform update 4.18.2001.10 is among 'Quality Updates' (February 2020) on my computer (Windows 10 ver. 1909 64-bit).
Maybe they accepted the fact that you do not want to update quickly.Just got updated today to Platform\4.18.2003.6-0. So either staggered rollout or I was one of the slower moving guinea pigs for MS
I am sure you already got this one right, but in advanced Update settings, at the bottom, there is a poorly labeled option called "Choose when updates are installed." It allows you to defer for a certain number of days or weeks or months. If you choose to defer, Windows updater will not even identify available updates, even if you click on "check for updates".Just got updated today to Platform\4.18.2003.6-0. So either staggered rollout or I was one of the slower moving guinea pigs for MS
I unwisely deferred also "quality" updates, which includes security updates, and it took me a while to figure out what was going wrong...
Thanks for reminding me about WFC. Since I only use H_C now, it is an ideal companion to it.
Hard_Configurator is integrated with two external configurators (two violet buttons in H_C): ConfigureDefender and FirewallHardening. Whitelisting is related only to SRP blocks.@Andy Ful Is there a way to exclude only one exe/service from "credential stealing lsass.exe" protection?
I don't want to exclude it from all protection via "Manage ASR Exclusions". Tried whitelisting by hash as a test, didn't work.
e.g: User: NT AUTHORITY\SYSTEM
Path: C:\Windows\System32\lsass.exe
Process Name: C:\Program Files\Macrium\Common\MacriumService.exe
I can run Max settings and the log is really quite with only one exeption: Macrium
So I don't want to disable the whole lsass.exe protection because one file is annoying. Is it possible?
I know I could just turn it to "high" settings or disable "lsass.exe" protection but I prefer to know if there is a choice to make it work since I'm curious
The block was labeled as: Windows Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
Yes and No.
