News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Enable Attack Surface Reduction in Win10-1709

    Home Forums Admin IT Lounge Enable Attack Surface Reduction in Win10-1709

    This topic contains 2 replies, has 2 voices, and was last updated by  NetDef 1 year, 12 months ago.

    • Author
      Posts
    • #139783 Reply

      Kirsty
      Da Boss

      Enable Attack surface reduction
      08/25/2017 | Windows IT Pro Center>Threat Protection

       
      Enable and audit Attack surface reduction rules

      Applies to:

      Windows 10, version 1709

      Audience

      Enterprise security administrators

      Manageability available with

      Group Policy
      PowerShell
      Configuration service providers for mobile device management

      Attack surface reduction is a feature that is part of Windows Defender Exploit Guard. It helps prevent actions and apps that are typically used by exploit-seeking malware to infect machines.

      Enable and audit Attack surface reduction rules

      You can use Group Policy, PowerShell, or MDM CSPs to configure the state or mode for each rule. This can be useful if you only want to enable some rules, or you want to enable rules individually in audit mode.

       
      Read the full article here

      1 user thanked author for this post.
    • #139799 Reply

      Kirsty
      Da Boss

      According to Microsoft Malware Protection Center, ASR can block office applications from creating child processes, such as in the new DDE-based campaign (Exploit:O97M/DDEDownloader.B) seen in the wild right now via spam.

    • #140013 Reply

      NetDef
      AskWoody_MVP

      This new security functionality is part of the new WDEG in Windows 10 1709.  Deploying these four features is the primary driver for why we are testing this release as much as we have in the last week.  It’s the single most important new feature in Windows 10 to our clients.

      So far at least, WDEG has worked better in our testing than most of the other new features in 1709.  Almost like it was written by a more competent dev team . . .

      One other note:  this feature requires that you use WD as your real time protection.  We’re evaluating that as well as the pay for edition coming in Microsoft 365.

      ~ Group "Weekend" ~

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Enable Attack Surface Reduction in Win10-1709

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.