Advice Request Windows Firewall: What outbound rules to enable vital Windows processes/services?

Please provide comments and solutions that are helpful to the author of this topic.

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
The only problem are certificates, used by Windows and browsers, they are updated daily via svchost.
They might get outdated or not revoked, when they get vulnerable, like for drivers or webpages.
Then again, 10 is updated twice a year, so it is not such an issue, but still worth considering.

 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
I was taking this route, but got this warning message which I did not fully understand:

View attachment 208759
That is the longer version of what I posted. Some system processes are restricted by Microsoft, and changing that may have unexpected consequences.
Allowing svchost.exe should not be dangerous to the system. But, blocking it fully can be more dangerous.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Fully allowing svchost.exe, makes checking Windows Updates functional. I tried to restrict svchost for anything, except Windows services, but this blocked Windows Updates. So, svchost in Windows Updates needs something more than services only.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top