Microsoft Windows 10: Windows Defender SmartScreen prompts for sites (Edge)

This policy setting lets you decide whether employees can override the Windows Defender SmartScreen warnings about potentially malicious websites. If you enable this setting, employees can SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced source...

Microsoft Windows 10: Windows Defender SmartScreen (Edge)

This policy setting lets you configure whether to turn on Windows Defender SmartScreen. Windows Defender SmartScreen provides warning messages to help protect your employees from potential phishing scams and malicious software. By default, Windows Defender SmartScreen is turned on. If you enable...

Microsoft Windows: Configure Watson events

This policy setting allows you to configure whether or not Watson events are sent. If you enable or do not configure this setting, Watson events will be sent. If you disable this setting, Watson events will not be sent. C Microsoft Corporation 2015. SPDX-FileCopyrightText: 2018 Greenbone AG Some...

Executing Meterpreter on Windows 10 and Bypassing Antivirus

One of my Labs colleagues recently published an article on the Coalfire Blog about executing an obfuscated PowerShell payload using Invoke-CradleCrafter. This was very useful, as Windows Defender has upped its game lately and is now blocking Metasploits Web Delivery module. I wanted to demonstrat...

CVE-2018-5174

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

CVE-2018-5174

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

Code injection

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

CVE-2018-5174

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

CVE-2018-5174

In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEEMASKFLAGNOUI" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and i...

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

Microsoft Windows Defender AV: Windows Defender protection against PUA

This test checks the setting for policy OpenVAS Vulnerability Test $Id: defavenablepua.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Windows Defender AV: Turn on Windows Defender protection against Potentially Unwanted Applications Authors: Emanuel Moss Copyright: Copyright c 2018...

Microsoft Windows Defender AV: Number of days before spyware definitions are outdated

This test checks the setting for policy OpenVAS Vulnerability Test $Id: defavdaysbeforespywareoutdated.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Windows Defender AV: Define the number of days before spyware definitions are considered out of date Authors: Emanuel Moss Copyright:...

Microsoft Windows Defender AV: Number of days before virus definitions are outdated

This test checks the setting for policy OpenVAS Vulnerability Test $Id: defavdaysbeforevirusoutdated.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Windows Defender AV: Define the number of days before virus definitions are considered out of date Authors: Emanuel Moss Copyright: Copyrigh...

Microsoft Windows Defender AV: Turn on e-mail scanning

This test checks the setting for policy OpenVAS Vulnerability Test $Id: defavemailscanning.nasl 11495 2018-09-20 10:06:25Z emoss $ Check value for Windows Defender AV: Turn on e-mail scanning Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This...

Windows Defender Firewall: Prohibit notifications

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofilenotification.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: Prohibit notifications Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Windows Defender Firewall: Outbound connections

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofileoutboundcon.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: Domain: Outbound connections Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Windows Defender Firewall: Log successful connections

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofilelogsuccesspackets.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: Log successful connections Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Windows Defender Firewall: Logfile path

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofilelogfilepath.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: Path to logfile Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.ne...

Windows Defender Firewall: Log dropped packets

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofilelogdroppedpackets.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: Log dropped packets Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Windows Defender Firewall: Logfile size limit

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winadvsecprofilelogfilesize.nasl 10010 2018-05-29 14:43:35Z emoss $ Check value for Windows Defender Firewall: logfile size limit Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...