Who has already played with new W10 security features?

Have you enabled and added folders to secure folder access feature?

  • YEs

    Votes: 27 29.7%

  • No

    Votes: 46 50.5%

  • What ??

    Votes: 18 19.8%
  • Total voters
    91
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,494
Av Gurus said:
Tnx, what about this "Block Untrusted Fonts"? Turn ON or not?
View attachment 170416
Click to expand...
"Block Untrusted Fonts" mitigation was useful only in the early Windows 10 versions.
"With Windows 10, GDI font parsing is no longer performed in kernel mode. Instead, it is performed in a sandboxed user-mode process, fontdrvhost.exe, which executes in a highly-restricted, per-session AppContainer process under a limited-scope, system-generated virtual account. The AppContainer process is granted no Capabilities and minimal privileges. (When a process in an AppContainer requests access to a resource, the Windows security access check applies tighter rules than it does for traditional, non-AppContainer processes, granting access only if the resource explicitly grants access to it.)"
Dropping the “Untrusted Font Blocking” setting
 
  • Like
Reactions: _CyberGhosT_, shmu26, Sunshine-boy and 3 others
VecchioScarpone

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
Had an issue with Snipping Tools not working. Apparently due to a faulty update, fixed that running windows updates troubleshooting tool.
Disabled Control Folders Access. Too many prompts and hard to navigate (for me). For instance I was unable to delete new files that I created on protected folders after the upgrade.
 
  • Like
Reactions: mlnevese, _CyberGhosT_, shmu26 and 2 others
Av Gurus

Av Gurus

Level 29
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Sep 22, 2014
1,767
Windows_Security said:
@Av Gurus

Select override and enable

View attachment 170414



I see second has audit option. I will check my wife's laptop when she is done photo editing (could take a while) Canada trip photo's (she thinks security is nonsense anyway and all people on security forums are geeks, so can't tell her to bugger of for my forum pall Av guru's..... I am not that brave).

EDIT child processes start can only be monitored with chrome. When you disable audit (so block it), it won;t work. I was put n the wrong feet, because they used 'controleren' in Dutch which means 'control'. This is technically a correct translation for audit, only to controle in Dutch also means to manage (or to rule), so apologize for the confusion.
Click to expand...

When set like this (screenshot) it crash all my extensions...:eek:

Untitled.png
 
Last edited:
  • Like
Reactions: lowdetection, Venustus, Andy Ful and 1 other person
TheMalwareMaster

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Hey guys, I'm running Windows 10 home and have just upgraded to the fall creators update. Since with Windows 10 home you can't access gpedit, I will be unable to benefit of most of the new security features? (I can still access anti-exploit and protected folders).
Before upgrading I removed COMODO Firewall.
Do you recommend to go back to COMODO Firewall at my settings? (There is currently a COMODO Firewall bug that makes Windows Defender Security Center unusable when installed. So I will disable again Windows Defender if I install it), or installing VoodooShield and benefit of the new anti-exploit and protected folders?
 
  • Like
Reactions: Venustus, Handsome Recluse and VecchioScarpone
Danielx64

Danielx64

Level 10
Verified
Well-known
Mar 24, 2017
481
TheMalwareMaster said:
Hey guys, I'm running Windows 10 home and have just upgraded to the fall creators update. Since with Windows 10 home you can't access gpedit, I will be unable to benefit of most of the new security features? (I can still access anti-exploit and protected folders).
Before upgrading I removed COMODO Firewall.
Do you recommend to go back to COMODO Firewall at my settings? (There is currently a COMODO Firewall bug that makes Windows Defender Security Center unusable when installed. So I will disable again Windows Defender if I install it), or installing VoodooShield and benefit of the new anti-exploit and protected folders?
Click to expand...
Just because you don't have access to gpedit it doesn't mean that you can't have some of the new features. In many cases you would need to edit the registry or get a program to do it for you.
 
  • Like
Reactions: Handsome Recluse
VecchioScarpone

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
TheMalwareMaster said:
Hey guys, I'm running Windows 10 home and have just upgraded to the fall creators update. Since with Windows 10 home you can't access gpedit, I will be unable to benefit of most of the new security features? (I can still access anti-exploit and protected folders).
Before upgrading I removed COMODO Firewall.
Do you recommend to go back to COMODO Firewall at my settings? (There is currently a COMODO Firewall bug that makes Windows Defender Security Center unusable when installed. So I will disable again Windows Defender if I install it), or installing VoodooShield and benefit of the new anti-exploit and protected folders?
Click to expand...

I found WD exploit protected folders a pain to use. I disabled that feature. VS is all I need as far as protecting my folders against exploit and a breeze to use. But that is me.
BTW I also have MBAE for extra peace of mind.
 
Windows_Security

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Last edited:
  • Like
Reactions: Av Gurus
Windows_Security

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Umbra said:
I have to say that Win10 anti-exploits features are inconvenient to use...especially the reboots needed, i still prefer HMPA, but i admit it is good for those that can't afford to buy it.
Click to expand...

I like the new exploit protection feature for users with relative common setups like my wife's laptop (vanilla Windows 10 home with Office 2016 Pro and Albelli photobook). Office and Allbelli can be nicely mitigated with the Exploit Guard. I am not so worried about running into exploits in the wild when using Chrome, so Controlled folder access + Exploit Guard are really great additions for average users with a standard setup.

P.S.
For average users not using Windows Defender, MBAE free continuous beta (for exploit mitigation) and ransomfree (for ransomware mitigation) are the two additions which provide the least hassle (ease of installation and compatibility and ease of use). I know there are more advanced options, but they also require more advanced skills of the user.

Regards Kees
 
Last edited:
  • Like
Reactions: frogboy, shmu26, Handsome Recluse and 3 others
VecchioScarpone

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
Windows_Security said:
@Av Gurus
@VecchioScarpone My wife has a vanilla Windows 10 Home (with Office 2016 Pro and Albelli Photobook). Microsoft's own did not give any problem. Just out of precaution I added Albelli to the allowed programs, see picture
Click to expand...
As per my post in this thread #64, I'm at pain with the feature. But as I posted after, that is me. I'm really an average user at best. Your wife and most would likely cruise through what I find hard to fix or understand.
 
  • Like
Reactions: frogboy
Windows_Security

Windows_Security

Level 24
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
VecchioScarpone said:
As per my post in this thread #64, I'm at pain with the feature. But as I posted after, that is me. I'm really an average user at best. Your wife and most would likely cruise through what I find hard to fix or understand.
Click to expand...

My wife always hits the allow button :-( So consider yourself a more than average user. When you installed VoodooShield, you apply a whitelist which places you in 5 to 10% of the users who apply a default deny. You have to be a smart (and advanced) user to let an Artificial Intelligence Machine provide you with smart advice :) on what to allow and block everything when your PC is at risk.
 
  • Like
Reactions: Handsome Recluse and Danielx64
VecchioScarpone

VecchioScarpone

Level 6
Verified
Well-known
Aug 19, 2017
278
Windows_Security said:
My wife always hits the allow button :-( So consider yourself a more than average user. When you installed VoodooShield, you apply a whitelist which places you in 5 to 10% of the users who apply a default deny. You have to be a smart (and advanced) user to let an Artificial Intelligence Machine provide you with smart advice :) on what to allow and block everything when your PC is at risk.
Click to expand...
I use VS with default settings. I use my computer to send emails, read the news, browse a couple of forums, watch TV series online and TV via a tuner. My hard drive is basically empty.
I don't get many prompts from VS and I only allow a process when something legitimate I initiate get stuck. My son always tell me not to use apps the like of WD Exploit mitigation, HMPA, VS. Just that I'm trying to learn by error and trials (lot of errors) but I'm getting better.
I hope you didn't take offense from my previous reply.
 
  • Like
Reactions: _CyberGhosT_
TheMalwareMaster

TheMalwareMaster

Level 21
Verified
Honorary Member
Top Poster
Well-known
Jan 4, 2016
1,022
Is Edge protected by default in the exploit settings?
The only fact that I don't like of VoodooShield is that it slows down my boot time more than COMODO when the desktop loads up (to load up its icon and processes)
 
  • Like
Reactions: Handsome Recluse
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
TheMalwareMaster said:
Is Edge protected by default in the exploit settings?
The only fact that I don't like of VoodooShield is that it slows down my boot time more than COMODO when the desktop loads up (to load up its icon and processes)
Click to expand...
1 Edge runs in appcontainer so it is inherently secure.
2 voodooshield protection kicks in much faster after system startup, maybe that is why it slows boot time, compared to comodo, whose protection starts very late.
 
  • Like
Reactions: _CyberGhosT_, VecchioScarpone and Andy Ful
_CyberGhosT_

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Av Gurus said:
When set like this (screenshot) it crash all my extensions...:eek:

View attachment 170464
Click to expand...
Good thing you weren't running any HIPS at the time, I have read of some nasty crashes that cripple the OS when that is enabled and run with a HIPS themed software, someone should try it and see what happens ? :sneaky:
I need to go re-find the article but I think in order to get the result I mention, the HIPS software has to be on the system before that option is enabled ?
I will go look for and post the article Sunday evening. I have to go speak this evening at a safety event for an old employer so I have a full schedule till Sunday afternoon.
 
Last edited:
  • Like
Reactions: VecchioScarpone
You must log in or register to reply here.

Similar threads

SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
13,794
Other security for Windows, Mac, Linux
Warencom
W
Trident
    • Like
    • +Reputation
    • Hundred Points
Serious Discussion Harmony Endpoint by Check Point
Replies
685
Views
58,648
Other security for Windows, Mac, Linux
simmerskool
simmerskool
DDE_Server
    • Like
    • Thanks
Windows 10 2004 Under Development, Here Are the New Features
Replies
6
Views
2,118
Windows 10
plat
P

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top