Need the export of the WinDefender registry enrty export for windows 10 pro v20H2
I would like if anyone could help me to send me a link to download the export of the registry entry for windows 10 v20H2. I recently found out that my pc had been infected with numerous viruses, malware and trojans and the several services were missing…
Software Restriction Policies block iTunes App sometimes
We use Software Restriction Policies on corporate computers to protect against ransomware and other malware. Until recently, everything worked fine. Including iTunes worked properly - it was a classic application located in ProgramFiles. But it refused…
Unable to turn off Windows firewall and Virus protection setting
Hi, Our computers are joined to AzureAD and managed by Intune. I have a problem turning off Windows firewall and virus protection setting, it show "The setting is managed by your administrator". I have checked my Intune configuration…
Is there any way to use old passwords?
Every time I have to reset my password, I get an info that I may not use passwords that I hade used in the past. Is thre any way to unset it for my profile?
Enable Conditional Access for all administrative roles, what about Service Principal accounts?
Hi y'all, We just turned on Conditional Access for all administrative roles, so we could enforce MFA. Do we need to exclude Service Principal accounts, like the following accounts: azure-cli-2020-12-07-15-19-39 Microsoft.Azure.SyncFabric …
Windows exe will run from network drive but not local disk
I have a .NET Windows Form application that I have developed. It is deployed to a shared directory on a computer at my client. Any computer that connects to that share can run it just fine. But it is a pretty large program and takes a long to to start up…
Hello face and pin not setting up
Hi, I am having trouble with windows hello face and pin set up. It used to work before I reset my surface pro 7. I want to set hello face recognition but it asks to set up hello pin first, and when I try to do that it asks me password and pin. I type…
Windows 10 - When does Windows Defender run when writing files to disk
When writing files to a file system from a database, does real time protection from Windows Defender stop a file from being written to the disk if malware or a virus is detected? Or does it fully write the file to the file system first, scan it, then…
VPN connection
I have a VPN that allows you to select which server you want to use. If I'm logged into work and I use the Maine VPN on one laptop to connect and the Montana VPN on the other laptop can my employer see what's on the other Montana VPN laptop?
Best Practice for Remote Desktop Access of Windows 10 Virtual Machine
Dear Experts, I want to use a Win10 VM on Azure as virtual desktop. For RDP, I will have to open port 3389. I want to know what are best practices for securely using RDP? I saw on Azure that VPN is an option. If I connect from a regular laptop/desktop…
Defender for Endpoint Duplicate Machines
Hi all, I'm quite confused as to why there are multiple machine entities within my Defender for Endpoint Security Center with the same computerDnsName. The entities quite clearly refer to the same physical device, but with minor differences (e.g. one…
Controlled Folder Access: default Allowed Programs list
Hi, I have tried to learn about Controlled Folder Access in Defender by looking at Microsoft Learn and I can't find anything about which are the programs allowed by default by Windows. I could not find anything even in the Tenforums tutorials about…
Windows 10 security blocks all downloads
I have a two fresh installations of Windows 10 with the latest updates. After several days I notice all my downloads are getting blocked. I searched far and wide and have found no reputable answer as to what is blocking them, why I'm able to download…
WSUS Server Product selection Defender is missing
Hello WSUS Experts, I am trying on Windows Server 2019 WSUS configuration. I do not see Windows Defender products. The end goal is to deploy Windows Defender updates from WSUS Server. However, as per Microsoft documentation, it should be…
Windows defender clients not updating
We have an ADR to deploy our Defender definitions, but it seems like at least some of our Windows 10 clients are not updating. The machines are in the same OU as others that receive updates, although I'm not sure if the successful machines are receiving…
MDATP doesn't constantly detect a ransomware-type mass encryption
Hello, As a part of security tastings, to see the efficacy level of MDATP, we are running a PowerShell script (encrypt_ransomware.ps1) found in the GitHub GitHub - leomatias/Ransomware-Simulator that encrypts a bulk number of files and behaves like…
Enforcing TLS 1.2 - EventViewer full of Event 36871 (fatal error while creating TLS client credential)
I'm trying to disable all protocols below TLS 1.2. I've implemented the following registry settings: But I continue to get tons of these errors in EventViewer:
Can Windows Defender ATP be manipulated with the registry?
We are going with E5's and will deploy Defender AT. We use group policy, though we have a lot of remote users that rarely VPN in. We have Manage Engine Desktop Central as our RMM and can easily push scripts and make registry changes.. I know some of the…
Bitlocker Key Rotation
If I have a Bitlocker policy in Intune and the recovery password rotation is turned on for both Azure AD and Hybrid-Joined devices. Now let say a workstation was triggered into recovery mode, and the user was able to grab the key from…
windows defender blocking my app
Hello, I have created a very simple .exe using python and py2exe that simply prints "hello" to console. However, when uploaded to sharepoint and redownloaded, I get the following warning. If I wanted to share this with others in my…