Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Testing Windows Hybrid Hardening (new hardening application).
Message
<blockquote data-quote="Andy Ful" data-source="post: 1052786" data-attributes="member: 32260"><p>My test was done without SmartScreen. Most manual installations will be done with SmartScreen because the files will have MOTW after downloading via the web browser. Most such installations will be allowed by ISG, except when the installation will download additional resources. So, files with MOTW + whitelisted %ProgramFiles% and %ProgramFiles(x86) will work well with ISG.</p><p>There are still some problems:</p><ol> <li data-xf-list-type="ol">Files in the Downloads folder are blocked (to avoid DLL hijacking).</li> <li data-xf-list-type="ol">Files on Disk images (ISO, IMG, etc. ) are blocked (to avoid DLL hijacking).</li> <li data-xf-list-type="ol">Application auto-updates are done without MOTW (can be broken).</li> </ol><p>Points 1 and 2 could be solved when using RunBySmartscreen (already included in WHH and the new version of SWH).</p><p>Disabling Dynamic Security Code will skip checking DLLs made dynamically when running .NET applications.</p><p>We still have a problem with auto-updates.</p><p></p><p>I agree, that this could be an alternative for a super-safe setup.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1052786, member: 32260"] My test was done without SmartScreen. Most manual installations will be done with SmartScreen because the files will have MOTW after downloading via the web browser. Most such installations will be allowed by ISG, except when the installation will download additional resources. So, files with MOTW + whitelisted %ProgramFiles% and %ProgramFiles(x86) will work well with ISG. There are still some problems: [LIST=1] [*]Files in the Downloads folder are blocked (to avoid DLL hijacking). [*]Files on Disk images (ISO, IMG, etc. ) are blocked (to avoid DLL hijacking). [*]Application auto-updates are done without MOTW (can be broken). [/LIST] Points 1 and 2 could be solved when using RunBySmartscreen (already included in WHH and the new version of SWH). Disabling Dynamic Security Code will skip checking DLLs made dynamically when running .NET applications. We still have a problem with auto-updates. I agree, that this could be an alternative for a super-safe setup.:) [/QUOTE]
Insert quotes…
Verification
Post reply
Top