Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 838411" data-attributes="member: 32260"><p><strong>I am thinking about adding two H_C options: <Harden EXE> and <Harden EXE via WDAC>.</strong></p><p><strong>Both can be applied as additional protection to any Allow EXE profile.</strong></p><p></p><p>The first will simply block EXE files via SRP in the default user folders on the system partition like: Desktop, Download, Videos, Documents, Pictures, Music.</p><p></p><p>The second will be based on Windows Defender Application Control (WDAC). It will apply the additional protection to all drives and partitions, <span style="color: rgb(184, 49, 47)"><strong>except system partition (usually C:\)</strong></span>. This protection includes:</p><ol> <li data-xf-list-type="ol">All programs (EXE, MSI) and DLLs which are accepted by Microsoft as safe (Intelligent Security Graph Authorization) are allowed.</li> <li data-xf-list-type="ol">All other programs (EXE, MSI) and DLLs are blocked (also .NET DLLs).</li> <li data-xf-list-type="ol">PowerShell and Windows Script Host scripting is restricted also for elevated processes.</li> <li data-xf-list-type="ol">"Run As SmartScreen" or "Run By SmartScreen" can bypass blocking MSI and EXE files.</li> <li data-xf-list-type="ol">The system partition (usually C:\) is whitelisted, so EXE, MSI, and DLL files from system partition are allowed by WDAC, but can be restricted by other H_C features.</li> </ol><p>Both <Harden EXE> and <Harden EXE via WDAC> are prepared to work with any "Allow Exe" setup. So, with Allow EXE setting the commonly used user folders will be protected as in the H_C Recommended Settings, other locations on system drive will allow EXE files, and non-system drives (also USB drives) will be additionally protected by Windows Defender Application Control.</p><p></p><p>The H_C Allow EXE setup + <Harden EXE> + <Harden EXE via WDAC> will be probably included in H_C as "Default Profile". There will be no problems with installing & updating applications in UserSpace on the system partition. Still, while installing applications the user will usually have to use "Run As SmartScreen" from the Explorer context menu, because the installers will be started from Download or Desktop folder, or non-system drive/partition.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 838411, member: 32260"] [B]I am thinking about adding two H_C options: <Harden EXE> and <Harden EXE via WDAC>. Both can be applied as additional protection to any Allow EXE profile.[/B] The first will simply block EXE files via SRP in the default user folders on the system partition like: Desktop, Download, Videos, Documents, Pictures, Music. The second will be based on Windows Defender Application Control (WDAC). It will apply the additional protection to all drives and partitions, [COLOR=rgb(184, 49, 47)][B]except system partition (usually C:\)[/B][/COLOR]. This protection includes: [LIST=1] [*]All programs (EXE, MSI) and DLLs which are accepted by Microsoft as safe (Intelligent Security Graph Authorization) are allowed. [*]All other programs (EXE, MSI) and DLLs are blocked (also .NET DLLs). [*]PowerShell and Windows Script Host scripting is restricted also for elevated processes. [*]"Run As SmartScreen" or "Run By SmartScreen" can bypass blocking MSI and EXE files. [*]The system partition (usually C:\) is whitelisted, so EXE, MSI, and DLL files from system partition are allowed by WDAC, but can be restricted by other H_C features. [/LIST] Both <Harden EXE> and <Harden EXE via WDAC> are prepared to work with any "Allow Exe" setup. So, with Allow EXE setting the commonly used user folders will be protected as in the H_C Recommended Settings, other locations on system drive will allow EXE files, and non-system drives (also USB drives) will be additionally protected by Windows Defender Application Control. The H_C Allow EXE setup + <Harden EXE> + <Harden EXE via WDAC> will be probably included in H_C as "Default Profile". There will be no problems with installing & updating applications in UserSpace on the system partition. Still, while installing applications the user will usually have to use "Run As SmartScreen" from the Explorer context menu, because the installers will be started from Download or Desktop folder, or non-system drive/partition. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
