The Windows Defender Firewall misbehaves when UWF is enabled. How can I resolve this issue?

Andrew Roy 0 Reputation points
2025-03-18T00:53:18.3266667+00:00

When UWF is enabled in Windows 10 IoT LTSC, the firewall blocks incoming connections regardless of the firewall rules. I find this in the event log each time: "Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network." When UWF is disabled, everything works as it should and the application functions correctly without errors. When UWF is enabled, and only when UWF is enabled...

  1. The firewall blocks incoming connections even though there are rules defined to allow incoming connections to the application, both TCP and UDP, on all ports, on any IP address.
  2. Windows Defender fails to notify the user that the onnection was blocked, which causes considerable confusion.

This issue is consistent and reproducible on multiple systems. I have found one other complaint about this issue on the internet, but no answers. How can I resolve this without disabling the firewall completely? Is there a work-around such as a UWF exclusion to address this issue?

Thanks in advance,

Andy

PS. Here is the log entry:

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Date: 3/15/2025 10:59:52 AM

Event ID: 5032

Task Category: Other System Events

Level: Information

Keywords: Audit Failure

User: N/A

Computer: KLY23

Description:

Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

Windows for business | Windows Client for IT Pros | Devices and deployment | Configure application groups
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anonymous
    2025-03-18T01:42:23.3833333+00:00

    Hello,

    Thank you for posting in Q&A forum.

    Windows Firewall with Advanced Security can be configured to notify the user when an application is blocked by the firewall, and ask if the application should continue to be blocked in the future.

    This event generates if Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

    I hope the information above is helpful.

    Best regards

    Zunhui

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.