Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Windows Defender Delay Protection.
Message
<blockquote data-quote="Andy Ful" data-source="post: 887855" data-attributes="member: 32260"><p>To be honest, I do not think that any AV vendor would like to apply a Delay Protection. But, it is interesting that such a simple procedure can be very effective nowadays. It is also interesting that probably only a small percent of users can live with it, even if it is technically very simple and easy to understand.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite132" alt=":unsure:" title="Unsure :unsure:" loading="lazy" data-shortname=":unsure:" /></p><p></p><p>As one of the posters already mentioned, the execution/opening delay can be useful in practice to support SmartScreen, instead of turning it off. SmartScreen is actually the best file reputation service, but many people ignore the alerts because of many false positives. So my proposition for them is as follows:</p><ol> <li data-xf-list-type="ol">Keep an eye on SmartScreen alerts.</li> <li data-xf-list-type="ol">If the executable triggers the SmartScreen alert, then wait minimum one day before executing the file.</li> <li data-xf-list-type="ol">Do it also for not safe files (no SmartScreen alert) like: email attachments, links embedded in emails, archives, MS Office or Adobe Reader documents, files shared with other people, etc.</li> </ol><p>This is much easier to live with, I think.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /><img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite130" alt="(y)" title="Thumbs up (y)" loading="lazy" data-shortname="(y)" /></p><p></p><p>Edit.</p><p>If I correctly recall, the DP is present in some form in Comodo IS.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 887855, member: 32260"] To be honest, I do not think that any AV vendor would like to apply a Delay Protection. But, it is interesting that such a simple procedure can be very effective nowadays. It is also interesting that probably only a small percent of users can live with it, even if it is technically very simple and easy to understand.:unsure: As one of the posters already mentioned, the execution/opening delay can be useful in practice to support SmartScreen, instead of turning it off. SmartScreen is actually the best file reputation service, but many people ignore the alerts because of many false positives. So my proposition for them is as follows: [LIST=1] [*]Keep an eye on SmartScreen alerts. [*]If the executable triggers the SmartScreen alert, then wait minimum one day before executing the file. [*]Do it also for not safe files (no SmartScreen alert) like: email attachments, links embedded in emails, archives, MS Office or Adobe Reader documents, files shared with other people, etc. [/LIST] This is much easier to live with, I think.:)(y) Edit. If I correctly recall, the DP is present in some form in Comodo IS. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
