Another key Win10 security feature bites the dust: Say goodbye to Windows Defender Exploit Guard

[Karlston]

Another key Win10 security feature bites the dust: Say goodbye to Windows Defender Exploit Guard

There’s a reason why I’m skeptical about the fancy new security features touted for Win10 versions. In many cases, at least for me, they don’t work. Enterprises have a different school of fish to fry, but the benefits of some of the new features just eludes me.

 

Take, if you will, the Windows Defender Exploit Guard. When Win10 version 1709 hit the street, it was billed as a major new security feature that the whole world needs. Although on the surface it seemed like something I could understand — keep rogue programs out of key pieces of Windows — I never got it to work right. Here’s how MS described it back during the 1709 release:

Implementing Attack Surface Reduction rules within Windows Defender Exploit Guard. Exploit Guard is a new feature of v1709 that helps prevent a variety of actions often used by malware. You can read more about Exploit Guard here: Reduce attack surfaces with Windows Defender Exploit Guard. Note that we have enabled “block” mode for all of these settings. We are continuing to watch the “Block office applications from injecting into other process” setting; if it creates compatibility problems then we might change the baseline recommendation to “audit” mode for that setting. Please let us know what you observe.

That seems like a worthy goal, and I dutifully reported on it. But I never got it to work.

 

Now comes word that Microsoft’s recommending everybody disable it in Win10 1909. From the newly published Security Baseline for 1909:

Exploit Protection 

 

Because of reported compatibility issues with the Exploit Protection settings that we began incorporating with the Windows 10 v1709 baselines, we have elected to remove the settings from the baseline and to provide a script for removing the settings from machines that have had those settings applied. (See Remove-EPBaselineSettings.ps1 in the download package’s Scripts folder.)

So this once-highly-touted security feature has not only bitten the dust, there’s a handy program included in the Security Baselines toolbox that makes it easy to ensure that the %$#@! thing has been turned off everywhere.

 

There’s a reason to be skeptical of new security “features” that you don’t understand….

 

 

Source: Another key Win10 security feature bites the dust: Say goodbye to Windows Defender Exploit Guard (AskWoody - Woody Leonhard)

[steven36]

Windows defender is a joke because someone can report a vulnerability with it and Microsoft want even fix it tell  people start getting infected  with ransomware that it can't detect and so do 99% of the security industry wait tell malware is seen in the wild before fixing there software to detect it . That why conman sense  is needed they wait tell people get infected and  patch much latter like what happen with CC Cleaner . Only thing Microsoft  is fast about patching is  virus that can be used with malware witch  is patched on the  windows side (Windows Updates)  not there romper room anti malware that dont protect you against anything not seen in the wild yet.

 

[Guest]

Thank God I didn't use Windows Defender.

[dhjohns]

35 minutes ago, Edward Raja said:

Thank God I didn't use Windows Defender.

I don't use any AV.

[Guest]

46 minutes ago, dhjohns said:

I don't use any AV.

But then still relying on common sense.

[dhjohns]

11 hours ago, Edward Raja said:

But then still relying on common sense.

Absolutely!

[steven36]

Not using and antivirus at all on Windows is not common sense  it's just luck if you dont get infected . Its just a  tool  that will help you stay protected  along with using  conman sense .  I  will never forgot the time i seen one of the members on here say they had not used and antivirus for years and one day they downloaded a infected  file from here  and got infected . Conman sense can't  detect malware at all  it can only  reduce  your chances of of being infected but if you ever slip up  and do something stupid  or get infected by drive by malware your just screwed .

[Guest]

To put it simple, use a reputable anti-malware solution, learn better cybersecurity measures, use common sense, and brains as well.