Windows 10 1909 Drops Exploit Protection From Security Baseline
- Thread starter LASER_oneXM
- Start date
Some Exploit protection settings were simply too restrictive for daily work in Enterprises. Administrators can still use Exploit Protection settings when adjusted to their needs.
There's a very helpful post about this at Ask Woody: https://www.askwoody.com/forums/top...-windows-defender-exploit-guard/#post-2009573
Basically, Microsoft is only removing a few presets for ASR for Enterprise users, but "Exploit Protection" (EMET replacement) for Home users isn't changing. I find it confusing that Microsoft uses similar names for different things.
Basically, Microsoft is only removing a few presets for ASR for Enterprise users, but "Exploit Protection" (EMET replacement) for Home users isn't changing. I find it confusing that Microsoft uses similar names for different things.
When ever happened to the pre-set ASR that was supposed to filter down to home/pro editions of Windows 10? I remember about a year or a year and half ago, they were talking about this. It was supposed to be something like a one-click ConfigureDefender config.
Here is the working link to the article that was commented on some forums:
This guy does not understand that he cannot generalize personal experience with Exploit Guard. Furthermore, he messed up the Exploit protection with ASR rules.
Additionally, some guys on a few forums have misunderstood his post, because they did not know what is the security baseline for Windows.
WD Exploit Guard includes:
There were complaints related to compatibility issues after applying anti-exploit mitigations via the security baseline policies, so Microsoft simply removed these policies form the security baseline for Windows 1909. Of course, the mitigations can still be applied by administrators for any application via WD Security Center (also in Windows Home) or PowerShell cmdlet.
Edit.
ConfigureDefender does not include Exploit protection settings. It can configure some other Exploit Guard features, like ASR rules, Controlled Folder Access, and Network protection.
This guy does not understand that he cannot generalize personal experience with Exploit Guard. Furthermore, he messed up the Exploit protection with ASR rules.
Additionally, some guys on a few forums have misunderstood his post, because they did not know what is the security baseline for Windows.
WD Exploit Guard includes:
- Attack Surface Reduction
- Controlled folder access
- Exploit protection
- Network protection
There were complaints related to compatibility issues after applying anti-exploit mitigations via the security baseline policies, so Microsoft simply removed these policies form the security baseline for Windows 1909. Of course, the mitigations can still be applied by administrators for any application via WD Security Center (also in Windows Home) or PowerShell cmdlet.
Edit.
ConfigureDefender does not include Exploit protection settings. It can configure some other Exploit Guard features, like ASR rules, Controlled Folder Access, and Network protection.
Last edited:
EDIT: It seems, that MT changes "w i n 1 0" to "Windows 10" automatically, even in the code?
Code:
https://www.askwoody.com/2019/another-key-win10-security-feature-bites-the-dust-say-goodbye-to-windows-defender-exploit-guard/Attachments
Tried the link, this is what I got. Is it possible the content was pulled?
I follow the Defender thread at Wilders; here is a Microsoft rep refuting the content out of hand.
www.wilderssecurity.com
EDIT--meh, content's still there, I just accessed it from Wilders. Sorry about that.
I follow the Defender thread at Wilders; here is a Microsoft rep refuting the content out of hand.
Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs
Another key Win10 security feature bites the dust: Say goodbye to Windows Defender Exploit Guard...
www.wilderssecurity.com
EDIT--meh, content's still there, I just accessed it from Wilders. Sorry about that.
Last edited:
Malware Tips website automatically changes 'w i n 10' to 'Windows 10' (as TairikuOkami already noticed), so you have got an error.
I replaced the full link with a shortened version. It works on my web browser, but I am not sure if it will work generally.
Last edited:
F
ForgottenSeer 823865
I guess people don't understand what the word "baseline" means...
By the way, I should create AskUmbra site, would be better than all those AskMeButImNoobs one.
By the way, I should create AskUmbra site, would be better than all those AskMeButImNoobs one.
I like the sound of that, has a certain finesse about it.. As long as you don't treat us all as NOOBS...
You may also like...
-
Akira ransomware abuses CPU tuning tool to disable Microsoft Defender- Started by Andy Ful
- Replies: 0
-
Beginning test of WHH at max settings per Andy Ful + OSArmor + SysHardener + Sysmon in DMZ- Started by Victor M
- Replies: 36
-
Harden Your Windows Security: Master Microsoft Defender’s Advanced Protections- Started by Bot
- Replies: 1
-
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks- Started by Gandalf_The_Grey
- Replies: 0
-
Support for Windows 10 has ended, but Microsoft Defender will continue to protect your PC- Started by Parkinsond
- Replies: 8