Dixz45

New Member
Nov 3, 2021
9
Hi
my friends has a computer running Windows 10 latest version 21H1 with kis

In windows defender, which is now called windows security, the App & browser control window has been completely disabled, including Exploit protection, and has set all options to OFF.

My friend told me that he disabled it because it might cause conflicts with KIS and that he really felt that the system got better and faster when disabling it

I also own KIS and I want to disable these options, but I am hesitant because KIS does not disable them by default
I don't know exactly what these options do, what role they play, and what protection they can provide with an advanced security program like KIS

I tried to do some research, but I did not find much information. I still do not know how this service works in the presence of a security program, and does it really cause conflicts?
These pictures are from my friend's device
Screenshot_40.png
Screenshot_41.png
 
Last edited by a moderator:

amirr

Level 21
Verified
Top poster
Well-known
Jan 26, 2020
1,081
I always fully disable WD via Group Policy after every clean installation of Windows.
 

SeriousHoax

Level 39
Verified
Top poster
Well-known
Mar 16, 2019
2,897
Your friend is confused, probably. Exploit protection is different from Windows/Microsoft Defender. Those are core protection feature of the OS. One should never turn those off. Some users on the forum here rather modify some settings to further improve exploit protection. You don't have to do that, just keep the default settings.
If someone doesn't play demanding games and rely on Microsoft Defender for malware protection, then he/she should also enable core isolation aka memory integrity if the hardware supports it. Since you're using KIS, you don't have to change anything.
 

Dixz45

New Member
Nov 3, 2021
9
Just a simple answer, not recommended disabling those settings :)

One thing is disabling WD, but a different one is disabling all those system additional security settings…
Thanks for your response harlan4096, but I really need to know the reasons for this because I have not tampered with these settings before, while my friend has been disabling them for a long time and did not have problems, so I am eager to know the answer to two questions ..

1: Why should I rely on a portion of the built-in protection if I'm replacing the entire built-in protection with an advanced third-party security program that's supposed to do all the security duties? (Note that this part of the protection is always present regardless of the third-party security software)

2: if we always know that the protections conflict with each other even if it is an invisible exposure, how can we be sure that the situation here is different (I don't think trusting Microsoft would be good to confirm that) :)
 
Last edited:

Dixz45

New Member
Nov 3, 2021
9
I always fully disable WD via Group Policy after every clean installation of Windows.
Thanks for your response, this part of the built-in protection is not disabled by default when installing third-party security software
 

Dixz45

New Member
Nov 3, 2021
9
Your friend is confused, probably. Exploit protection is different from Windows/Microsoft Defender. Those are core protection feature of the OS. One should never turn those off. Some users on the forum here rather modify some settings to further improve exploit protection. You don't have to do that, just keep the default settings.
If someone doesn't play demanding games and rely on Microsoft Defender for malware protection, then he/she should also enable core isolation aka memory integrity if the hardware supports it. Since you're using KIS, you don't have to change anything.
Thanks for your response, I don't think there is any confusion. This protection is part of the built-in protection that is supposed to be replaced by the protection of a third-party security program, and this is the first reason for my friend to disable it
The second reason is the possibility of exposures that cause certain problems when the protections work together, as is always known
But because I noticed that the third-party security does not disable it by default, and I do not know how this part of the built-in protection works and protects me despite the presence of the third-party security program, hence the topic :)
 
  • Like
Reactions: Dave Russo

amirr

Level 21
Verified
Top poster
Well-known
Jan 26, 2020
1,081
Your friend is confused, probably. Exploit protection is different from Windows/Microsoft Defender. Those are core protection feature of the OS. One should never turn those off. Some users on the forum here rather modify some settings to further improve exploit protection. You don't have to do that, just keep the default settings.
If someone doesn't play demanding games and rely on Microsoft Defender for malware protection, then he/she should also enable core isolation aka memory integrity if the hardware supports it. Since you're using KIS, you don't have to change anything.
With Windows 11, I use ESET IS. I keep Exploit protection on, and just turned off the Reputation based protection, because I use ESET IS.
Is that, ok? Thanks.
1636005144754.png
 
  • Like
Reactions: Dave Russo and Nevi

amirr

Level 21
Verified
Top poster
Well-known
Jan 26, 2020
1,081
I don't like and need a layered protection as ESET gets the job done perfectly.
 

harlan4096

Moderator
Verified
Staff member
Malware Hunter
Well-known
Apr 28, 2015
7,602
Thanks for your response harlan4096, but I really need to know the reasons for this because I have not tampered with these settings before, while my friend has been disabling them for a long time and did not have problems, so I am eager to know the answer to two questions ..

1: Why should I rely on a portion of the built-in protection if I'm replacing the entire built-in protection with an advanced third-party security program that's supposed to do all the security duties? (Note that this part of the protection is always present regardless of the third-party security software)

2: if we always know that the protections conflict with each other even if it is an invisible exposure, how can we be sure that the situation here is different (I don't think trusting Microsoft would be good to confirm that) :)
1.- That "portion of protection" belongs in general to Windows 10 system, no only to WD... and They are compatible with Kaspersky Protection, because they are not disabled by K. when You install it...

2.- In this case, those additional system security features are very effective, and it's very interesting to keep them enabled.
 

Dixz45

New Member
Nov 3, 2021
9
1.- That "portion of protection" belongs in general to Windows 10 system, no only to WD... and They are compatible with Kaspersky Protection, because they are not disabled by K. when You install it...

2.- In this case, those additional system security features are very effective, and it's very interesting to keep them enabled.
Thank you very much, harlan4096
 
Top