Categories
Windows

What is Windows Defender Application Guard?

Windows Defender Application Guard (for Edge) is designed to protect your Windows OS from malware and zero-day attacks. When enabled, the feature works by creating a new instance of the Edge browser. The new instance is created at the hardware level using Hyper-V, with its own kernel and all the elements the Edge browser requires to run normally.

According to Microsoft, the new security protection mechanism helps against new browser attacks and vulnerabilities. Picture Source: Microsoft Blog
Categories
Microsoft

Windows Defender detects FinFisher trojan

Microsoft released their final analysis report, which shows that Office / Windows Defender detects FinFisher. Security experts explained that the detection of the latest variant of FinFisher was ‘complex’ and required building new strategies to detect the obfuscated code.

FinFisher detected by Windows Defender. Picture Source: cloudblogs.microsoft.com
Categories
Microsoft

Windows Defender will soon detect & remove cleaner scareware

From March 1, Windows Defender and other Microsoft security products will classify programs that display “coercive messages” as unwanted software, which means such programs will be removed from the user’s system.


Categories
Review Windows 10

A closer look at Windows Defender

This article will answer the question of whether Windows Defender is enough as protection and what Microsoft could do to improve the product. As I stated earlier, I’m not a big friend of antivirus products, but I do believe in layered security, which means we take a serious look into WD’s defense mechanisms.


Categories
Tutorials

Windows Defender: How to enable Controlled Folder Access

Windows Defender recently got a new feature to protect a folder with a password so that no person other than you can open that protected folder or modify the files inside; until now we were forced to install 3rd-party software to do this. The feature, “Controlled Folder Access”, is part of the “Windows Defender Security Center” application. It doesn’t allow users to password-protect a single file or a single folder, but with its help you can restrict users from modifying a file or creating new files inside such a protected folder.


The new function requires the latest Windows build; otherwise you won’t see the option! If it’s not there, your Windows build doesn’t support it. In this case, just wait until you get the update.

Categories
Lemme fix Windows 10

Lemme fix: Windows Defender High CPU usage

Another week and another Lemme fix. This time we inspect Windows Defender, which might cause high CPU usage during updates or even when your PC is idle. The Antimalware Service Executable, aka MsMpEng.exe, is causing the issue. In the Task Manager you will notice higher CPU usage, along with higher network activity and disk I/O writes.

WD causes higher CPU drain

Categories
Security Tutorials Windows 10

Hardening MS Office with Windows Defender Exploit Guard

Windows Defender Exploit Guard provides the security benefits necessary to keep intrusion threats at bay. A characteristic feature of this tool is ‘Exploit Protection’, which automatically applies many exploit mitigation techniques. This capability can be tested inside the Windows Defender Security Center under App & browser control > Exploit protection. By accessing the Exploit protection settings, you can control system-wide settings and program-specific overrides. Let us learn how to configure and manage Windows system and application exploit mitigations using Windows Defender Exploit Guard (WDEG).

Windows Defender Exploit Guard
Categories
Security

Microsoft Issues Emergency Update to their Malware Protection Engine

CVE-2017-11937 has not yet been exploited in the wild – that’s what Redmond says. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically.
