This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 1%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
A question has been brought up by one of the employees after integration with Intune, Why is Block DVR: Enabled is a default setting in the Microsoft Security Baseline?. I would like to know the reason why this was a decision taken by Microsoft. I need to understand the reasoning and the security concerns of this feature before changing the baseline default to allow DVR to be used.
When doing some research I discovered that DVR is considered a vulnerability for CCTV devices and IoT Cameras.
I have also discovered that there are a couple of vulnerability disclosures about .dvr-ms that affected older versions of Microsoft and didn't have mentions of Xbox Game Bar or Windows 10.
MS11-015
MS11-092
CVE-2011-0042
CVE-2011-0032
CVE-2011-3401
I have not found instances where Xbox Game Bar uses the .dvr-ms files therefore I do not yet see the exploit path through the software.
Some of our engineers find the recording feature of the Xbox Game Bar to be beneficial when recording tutorials and instructions to be shared with the rest of the users.
Thank you
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Ana , In fact, the setting in the baselines default configuration is recommended by the relevant security team.
https://learn.microsoft.com/en-us/mem/intune/protect/security-baseline-settings-mdm-all?pivots=mdm-november-2021
For the setting "Block game DVR (desktop only)", it specifies whether DVR and broadcasting are allowed.
https://learn.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowgamedvr
The Microsoft Game Development Kit (GDK) includes a set of APIs for broadcast notifications that show broadcasting UI, adding metadata to screenshots, video clips, broadcast, and capturing diagnostic screenshots and video.
https://learn.microsoft.com/en-us/gaming/gdk/_content/gc/system/overviews/gamedvr-broadcast
Based on my researching, sometimes it may capture some unwanted screenshots which may cause risk. I think this maybe the reason to disable it by default. If you want to know more about the setting. You can open a new thread and add "windowa-10 security" tag to see if you can get more help.
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Ana , Hope the above information can help. If there's anything else we can help, feel free to let us know.