Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 729474" data-attributes="member: 32260"><p>That depends on what applications you are using for managing files with potentially vulnerable content (MS Office and PDF documents, e-mail attachments, etc.).</p><p>The recommended Windows security configuration, when using Windows Defender antivirus and Recommended Hard_Configurator settings, is as follows:</p><p>1. Protected View - use Universal Applications from Microsoft Store for viewing/printing Office documents and PDF/EPUB... files. Those applications use App Container isolation, so it is hard to exploit them. </p><p>2. Use your favorite desktop Office applications and favorite desktop PDF/EPUB... readers/editors for managing documents created by yourself or from trusted sources.</p><p>3. Activate ASR in Windows Defender.</p><p>3. Use Edge or Chrome as a default web browser - both have strong sandboxes.</p><p>4. Use safe DNS (like Adguard DNS) or at least any adblock extension in the web browser.</p><p>5. Do not ignore SmartScreen alerts when running application installers via 'Run As SmartScreen' from Explorer context menu.</p><p>.</p><p>For home users, the above configuration applies a decent prevention against all kinds of malware and exploits. Similar but slightly weakened configuration (no Protected View from point 1.) was tested on Malware Hub and protected against all tested malware samples <strong>including malicious documents.</strong></p><p>.</p><p>Generally, the more elements from the recommended security configuration are weakened, the stronger should be Hard_Configurator settings. For example, dropping the point 1. in favor of using an unsupported MS Office 2007 for viewing documents, opens many vulnerabilities (OLE, DDE commands, ActiveX Components, etc). Still, even in such case, Hard_Configurator recommended settings + ASR can apply a pretty good protection. But, that can be insufficient to stop more sophisticated malware related to Office documents. So, the user with happy clicker habits, should activate additional restrictions for file execution via <Blocked Sponsors>.</p><p>The most wanted will be those sponsors which can compile/run c# code, change the Registry or run scriptlets:</p><ul> <li data-xf-list-type="ul">csc.exe, InstallUtill.exe (c# code),</li> <li data-xf-list-type="ul">reg.exe, powershell.exe, powershell_ise.exe (Registry changes),</li> <li data-xf-list-type="ul">mshta.exe, regsrv32.exe (scriptlets), etc.</li> </ul><p>.</p><p>On many computers, the users can activate without problems all Hard_Configurator restrictions, but in some hardware/software configurations that will not be possible and the optimal protection can be adjusted only by advanced users.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 729474, member: 32260"] That depends on what applications you are using for managing files with potentially vulnerable content (MS Office and PDF documents, e-mail attachments, etc.). The recommended Windows security configuration, when using Windows Defender antivirus and Recommended Hard_Configurator settings, is as follows: 1. Protected View - use Universal Applications from Microsoft Store for viewing/printing Office documents and PDF/EPUB... files. Those applications use App Container isolation, so it is hard to exploit them. 2. Use your favorite desktop Office applications and favorite desktop PDF/EPUB... readers/editors for managing documents created by yourself or from trusted sources. 3. Activate ASR in Windows Defender. 3. Use Edge or Chrome as a default web browser - both have strong sandboxes. 4. Use safe DNS (like Adguard DNS) or at least any adblock extension in the web browser. 5. Do not ignore SmartScreen alerts when running application installers via 'Run As SmartScreen' from Explorer context menu. . For home users, the above configuration applies a decent prevention against all kinds of malware and exploits. Similar but slightly weakened configuration (no Protected View from point 1.) was tested on Malware Hub and protected against all tested malware samples [B]including malicious documents.[/B] . Generally, the more elements from the recommended security configuration are weakened, the stronger should be Hard_Configurator settings. For example, dropping the point 1. in favor of using an unsupported MS Office 2007 for viewing documents, opens many vulnerabilities (OLE, DDE commands, ActiveX Components, etc). Still, even in such case, Hard_Configurator recommended settings + ASR can apply a pretty good protection. But, that can be insufficient to stop more sophisticated malware related to Office documents. So, the user with happy clicker habits, should activate additional restrictions for file execution via <Blocked Sponsors>. The most wanted will be those sponsors which can compile/run c# code, change the Registry or run scriptlets: [LIST] [*]csc.exe, InstallUtill.exe (c# code), [*]reg.exe, powershell.exe, powershell_ise.exe (Registry changes), [*]mshta.exe, regsrv32.exe (scriptlets), etc. [/LIST] . On many computers, the users can activate without problems all Hard_Configurator restrictions, but in some hardware/software configurations that will not be possible and the optimal protection can be adjusted only by advanced users. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
