- Sep 2, 2021
- 2,631
Hello and welcome to this test!
Today we are going to test Microsoft Defender, but not by default!
We use ConfigureDefender developed by @Andy Ful to set Microsoft Defender to maximum.
We also activate Smart Application Control of Windows 11.
=> SAC (Smart App Control) is a new system that will automatically block applications that are considered untrustworthy or potentially malicious.
The protection provided is very good.
On the Web, with or without Edge, Microsoft Defender blocks all malicious files.
On the fake crack, Microsoft Defender blocks all files dropped by the executable.
On the pack, big worries... Microsoft Defender is unable to delete the elements detected correctly, the interface bugs and deletes only few files.
I don't know if it's related to SAC, but even during the execution, SAC blocked all .exe executables and MS Defender blocked scripts.
Sometimes MS Defender even reacted late (on a malware that had modified RegAsm.exe to install AgentTesla and on a .jar that installed StrRat - even if Microsoft Defender managed to remove the infection, it is not safe that cyber criminals could have got information about the infected user) .
It is excellent, but Microsoft still needs to improve this protection, especially on what I stated above.
Request : @Max90 / @Andy Ful / @danb
Today we are going to test Microsoft Defender, but not by default!
We use ConfigureDefender developed by @Andy Ful to set Microsoft Defender to maximum.
We also activate Smart Application Control of Windows 11.
=> SAC (Smart App Control) is a new system that will automatically block applications that are considered untrustworthy or potentially malicious.
The protection provided is very good.
On the Web, with or without Edge, Microsoft Defender blocks all malicious files.
On the fake crack, Microsoft Defender blocks all files dropped by the executable.
On the pack, big worries... Microsoft Defender is unable to delete the elements detected correctly, the interface bugs and deletes only few files.
I don't know if it's related to SAC, but even during the execution, SAC blocked all .exe executables and MS Defender blocked scripts.
Sometimes MS Defender even reacted late (on a malware that had modified RegAsm.exe to install AgentTesla and on a .jar that installed StrRat - even if Microsoft Defender managed to remove the infection, it is not safe that cyber criminals could have got information about the infected user) .
It is excellent, but Microsoft still needs to improve this protection, especially on what I stated above.
Request : @Max90 / @Andy Ful / @danb