mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Move smartscreen and refresh
This commit is contained in:
Vinay Pamnani
parent
cc31320173
commit
7bd4a09022
@ -622,8 +622,7 @@ Some information is sent to Microsoft about files and programs run on PCs with t
|
|||||||
|
|
||||||
<!-- EnableSmartScreen-Editable-Begin -->
|
<!-- EnableSmartScreen-Editable-Begin -->
|
||||||
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
|
<!-- Add any additional information about this policy here. Anything outside this section will get overwritten. -->
|
||||||
|
For more information, see [Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen).
|
||||||
For more information, see [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview).
|
|
||||||
<!-- EnableSmartScreen-Editable-End -->
|
<!-- EnableSmartScreen-Editable-End -->
|
||||||
|
|
||||||
<!-- EnableSmartScreen-DFProperties-Begin -->
|
<!-- EnableSmartScreen-DFProperties-Begin -->
|
||||||
@ -3174,7 +3173,7 @@ If you enable this setting, the system removes the Map Network Drive and Disconn
|
|||||||
This setting doesn't prevent users from connecting to another computer by typing the name of a shared folder in the Run dialog box.
|
This setting doesn't prevent users from connecting to another computer by typing the name of a shared folder in the Run dialog box.
|
||||||
|
|
||||||
> [!NOTE]
|
> [!NOTE]
|
||||||
>
|
>
|
||||||
|
|
||||||
This setting was documented incorrectly on the Explain tab in Group Policy for Windows 2000. The Explain tab states incorrectly that this setting prevents users from connecting and disconnecting drives.
|
This setting was documented incorrectly on the Explain tab in Group Policy for Windows 2000. The Explain tab states incorrectly that this setting prevents users from connecting and disconnecting drives.
|
||||||
|
|
||||||
|
|||||||
@ -23,4 +23,4 @@ The following table summarizes the Windows security features and capabilities fo
|
|||||||
| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
|
| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
|
||||||
| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md) |
|
| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](application-security/application-isolation/windows-sandbox/windows-sandbox-overview.md) |
|
||||||
| Email Security | With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](identity-protection/configure-s-mime.md) |
|
| Email Security | With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](identity-protection/configure-s-mime.md) |
|
||||||
| Microsoft Defender SmartScreen | Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) |
|
| Microsoft Defender SmartScreen | Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen) |
|
||||||
|
|||||||
@ -32,7 +32,7 @@ items:
|
|||||||
displayName: LAPS
|
displayName: LAPS
|
||||||
href: /windows-server/identity/laps/laps-overview
|
href: /windows-server/identity/laps/laps-overview
|
||||||
- name: Enhanced Phishing Protection in Microsoft Defender SmartScreen
|
- name: Enhanced Phishing Protection in Microsoft Defender SmartScreen
|
||||||
href: ../threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen.md
|
href: ../operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
|
||||||
displayName: EPP
|
displayName: EPP
|
||||||
- name: Access Control
|
- name: Access Control
|
||||||
items:
|
items:
|
||||||
|
|||||||
@ -92,7 +92,7 @@ landingContent:
|
|||||||
- text: Windows Sandbox
|
- text: Windows Sandbox
|
||||||
url: application-security\application-isolation\windows-sandbox\windows-sandbox-overview.md
|
url: application-security\application-isolation\windows-sandbox\windows-sandbox-overview.md
|
||||||
- text: Microsoft Defender SmartScreen
|
- text: Microsoft Defender SmartScreen
|
||||||
url: threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
|
url: operating-system-security\virus-and-threat-protection\microsoft-defender-smartscreen\index.md
|
||||||
- text: S/MIME for Windows
|
- text: S/MIME for Windows
|
||||||
url: identity-protection/configure-s-mime.md
|
url: identity-protection/configure-s-mime.md
|
||||||
# Cards and links should be based on top customer tasks or top subjects
|
# Cards and links should be based on top customer tasks or top subjects
|
||||||
|
|||||||
@ -4,7 +4,7 @@ description: A list of all available settings for Microsoft Defender SmartScreen
|
|||||||
ms.prod: windows-client
|
ms.prod: windows-client
|
||||||
author: vinaypamnani-msft
|
author: vinaypamnani-msft
|
||||||
ms.localizationpriority: medium
|
ms.localizationpriority: medium
|
||||||
ms.date: 09/28/2020
|
ms.date: 05/31/2023
|
||||||
ms.reviewer:
|
ms.reviewer:
|
||||||
manager: aaroncz
|
manager: aaroncz
|
||||||
ms.author: vinpa
|
ms.author: vinpa
|
||||||
@ -8,7 +8,7 @@ ms.author: vinpa
|
|||||||
ms.reviewer: paoloma
|
ms.reviewer: paoloma
|
||||||
manager: aaroncz
|
manager: aaroncz
|
||||||
ms.localizationpriority: medium
|
ms.localizationpriority: medium
|
||||||
ms.date: 10/07/2022
|
ms.date: 05/31/2023
|
||||||
adobe-target: true
|
adobe-target: true
|
||||||
appliesto:
|
appliesto:
|
||||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11, version 22H2</a>
|
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11, version 22H2</a>
|
||||||
@ -73,7 +73,7 @@ Enhanced Phishing Protection can be configured using the following Administrativ
|
|||||||
#### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
|
#### [:::image type="icon" source="images/icons/windows-os.svg"::: **CSP**](#tab/csp)
|
||||||
|
|
||||||
Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1].
|
Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1].
|
||||||
|
|
||||||
| Setting | OMA-URI | Data type |
|
| Setting | OMA-URI | Data type |
|
||||||
|-------------------------|---------------------------------------------------------------------------|-----------|
|
|-------------------------|---------------------------------------------------------------------------|-----------|
|
||||||
| **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer |
|
| **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer |
|
||||||
@ -90,7 +90,7 @@ By default, Enhanced Phishing Protection is deployed in audit mode, preventing n
|
|||||||
To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen settings.
|
To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen settings.
|
||||||
|
|
||||||
#### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
|
#### [:::image type="icon" source="images/icons/intune.svg"::: **Intune**](#tab/intune)
|
||||||
|
|
||||||
|Settings catalog element|Recommendation|
|
|Settings catalog element|Recommendation|
|
||||||
|---------|---------|
|
|---------|---------|
|
||||||
|Service Enabled|**Enable**: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends diagnostic data but doesn't show any notifications to your users.|
|
|Service Enabled|**Enable**: Turns on Enhanced Phishing Protection in audit mode, which captures work or school password entry events and sends diagnostic data but doesn't show any notifications to your users.|
|
||||||
|
Before Width: | Height: | Size: 151 KiB After Width: | Height: | Size: 151 KiB |
|
Before Width: | Height: | Size: 1.1 KiB After Width: | Height: | Size: 1.1 KiB |
|
Before Width: | Height: | Size: 1.8 KiB After Width: | Height: | Size: 1.8 KiB |
|
Before Width: | Height: | Size: 215 B After Width: | Height: | Size: 215 B |
@ -12,7 +12,7 @@ adobe-target: true
|
|||||||
ms.collection:
|
ms.collection:
|
||||||
- tier2
|
- tier2
|
||||||
- highpri
|
- highpri
|
||||||
ms.date: 03/20/2023
|
ms.date: 05/31/2023
|
||||||
ms.topic: article
|
ms.topic: article
|
||||||
appliesto:
|
appliesto:
|
||||||
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
|
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
|
||||||
@ -42,7 +42,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites
|
|||||||
- **Reputation-based URL and app protection:** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users don't see any warnings. If there's no reputation, the item is marked as a higher risk and presents a warning to the user.
|
- **Reputation-based URL and app protection:** Microsoft Defender SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate has an established reputation, users don't see any warnings. If there's no reputation, the item is marked as a higher risk and presents a warning to the user.
|
||||||
- **Operating system integration:** Microsoft Defender SmartScreen is integrated into the Windows 10 operating system. It checks any files an app (including 3rd-party browsers and email clients) that attempts to download and run.
|
- **Operating system integration:** Microsoft Defender SmartScreen is integrated into the Windows 10 operating system. It checks any files an app (including 3rd-party browsers and email clients) that attempts to download and run.
|
||||||
- **Improved heuristics and diagnostic data:** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up to date, so it can help to protect you against potentially malicious sites and files.
|
- **Improved heuristics and diagnostic data:** Microsoft Defender SmartScreen is constantly learning and endeavoring to stay up to date, so it can help to protect you against potentially malicious sites and files.
|
||||||
- **Management through group policy and Microsoft Intune:** Microsoft Defender SmartScreen supports using both group policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md).
|
- **Management through group policy and Microsoft Intune:** Microsoft Defender SmartScreen supports using both group policy and Microsoft Intune settings. For more info about all available settings, see [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](available-settings.md).
|
||||||
- **Blocking URLs associated with potentially unwanted applications:** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus).
|
- **Blocking URLs associated with potentially unwanted applications:** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus).
|
||||||
|
|
||||||
> [!IMPORTANT]
|
> [!IMPORTANT]
|
||||||
@ -61,5 +61,4 @@ When submitting a file for Microsoft Defender SmartScreen, make sure to select *
|
|||||||
## Related articles
|
## Related articles
|
||||||
|
|
||||||
- [SmartScreen frequently asked questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx)
|
- [SmartScreen frequently asked questions](https://fb.smartscreen.microsoft.com/smartscreenfaq.aspx)
|
||||||
- [Available Microsoft Defender SmartScreen group policy and mobile device management (MDM) settings](microsoft-defender-smartscreen-available-settings.md)
|
|
||||||
- [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference)
|
- [Configuration service provider reference](/windows/client-management/mdm/configuration-service-provider-reference)
|
||||||
@ -1,21 +1,26 @@
|
|||||||
items:
|
items:
|
||||||
- name: Overview
|
- name: Overview
|
||||||
href: ../../threat-protection/index.md
|
href: index.md
|
||||||
- name: Microsoft Defender Antivirus
|
- name: Microsoft Defender Antivirus 🔗
|
||||||
href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
|
href: /microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows
|
||||||
- name: Configuring LSA Protection
|
- name: Configuring LSA Protection 🔗
|
||||||
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
|
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection?toc=/windows/security/toc.json&bc=/windows/security/breadcrumb/toc.json
|
||||||
- name: Attack surface reduction (ASR)
|
- name: Attack surface reduction (ASR) 🔗
|
||||||
href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
|
href: /microsoft-365/security/defender-endpoint/attack-surface-reduction
|
||||||
- name: Tamper protection for MDE
|
- name: Tamper protection for MDE 🔗
|
||||||
href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
|
href: /microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection
|
||||||
- name: Microsoft Vulnerable Driver Blocklist
|
- name: Microsoft Vulnerable Driver Blocklist
|
||||||
href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
|
href: ../../threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
|
||||||
- name: Controlled folder access
|
- name: Controlled folder access 🔗
|
||||||
href: /microsoft-365/security/defender-endpoint/controlled-folders
|
href: /microsoft-365/security/defender-endpoint/controlled-folders
|
||||||
- name: Exploit protection
|
- name: Exploit protection 🔗
|
||||||
href: /microsoft-365/security/defender-endpoint/exploit-protection
|
href: /microsoft-365/security/defender-endpoint/exploit-protection
|
||||||
- name: Microsoft Defender SmartScreen
|
- name: Microsoft Defender SmartScreen
|
||||||
href: ../../threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
|
href: microsoft-defender-smartscreen/index.md
|
||||||
- name: Microsoft Defender for Endpoint
|
items:
|
||||||
href: /microsoft-365/security/defender-endpoint
|
- name: Available settings
|
||||||
|
href: microsoft-defender-smartscreen/available-settings.md
|
||||||
|
- name: Enhanced Phishing Protection
|
||||||
|
href: microsoft-defender-smartscreen/enhanced-phishing-protection.md
|
||||||
|
- name: Microsoft Defender for Endpoint 🔗
|
||||||
|
href: /microsoft-365/security/defender-endpoint
|
||||||
|
|||||||
@ -12,13 +12,7 @@ ms.date: 12/31/2017
|
|||||||
|
|
||||||
# Windows threat protection
|
# Windows threat protection
|
||||||
|
|
||||||
**Applies to:**
|
In Windows client, hardware and software work together to help protect you from new and emerging threats. Expanded security protections in Windows 11 help boost security from the chip, to the cloud.
|
||||||
- Windows 10
|
|
||||||
- Windows 11
|
|
||||||
|
|
||||||
In Windows client, hardware and software work together to help protect you from new and emerging threats. Expanded security protections in Windows 11 help boost security from the chip, to the cloud.
|
|
||||||
|
|
||||||
## Windows threat protection
|
|
||||||
|
|
||||||
See the following articles to learn more about the different areas of Windows threat protection:
|
See the following articles to learn more about the different areas of Windows threat protection:
|
||||||
|
|
||||||
@ -28,15 +22,16 @@ See the following articles to learn more about the different areas of Windows th
|
|||||||
- [Exploit Protection](/microsoft-365/security/defender-endpoint/exploit-protection)
|
- [Exploit Protection](/microsoft-365/security/defender-endpoint/exploit-protection)
|
||||||
- [Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview)
|
- [Microsoft Defender Application Guard](/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview)
|
||||||
- [Microsoft Defender Device Guard](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
|
- [Microsoft Defender Device Guard](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
|
||||||
- [Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview)
|
- [Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/)
|
||||||
- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)
|
- [Network Protection](/microsoft-365/security/defender-endpoint/network-protection)
|
||||||
- [Virtualization-Based Protection of Code Integrity](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity)
|
- [Virtualization-Based Protection of Code Integrity](/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity)
|
||||||
- [Web Protection](/microsoft-365/security/defender-endpoint/web-protection-overview)
|
- [Web Protection](/microsoft-365/security/defender-endpoint/web-protection-overview)
|
||||||
- [Windows Firewall](windows-firewall/windows-firewall-with-advanced-security.md)
|
- [Windows Firewall](windows-firewall/windows-firewall-with-advanced-security.md)
|
||||||
- [Windows Sandbox](/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview)
|
- [Windows Sandbox](/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview)
|
||||||
|
|
||||||
### Next-generation protection
|
## Next-generation protection
|
||||||
Next-generation protection is designed to identify and block new and emerging threats. Powered by the cloud and machine learning, Microsoft Defender Antivirus can help stop attacks in real-time.
|
|
||||||
|
Next-generation protection is designed to identify and block new and emerging threats. Powered by the cloud and machine learning, Microsoft Defender Antivirus can help stop attacks in real-time.
|
||||||
|
|
||||||
- [Automated sandbox service](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus)
|
- [Automated sandbox service](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus)
|
||||||
- [Behavior monitoring](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus)
|
- [Behavior monitoring](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus)
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
---
|
---
|
||||||
title: Mitigate threats by using Windows 10 security features
|
title: Mitigate threats by using Windows 10 security features
|
||||||
description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
|
description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
|
||||||
ms.prod: windows-client
|
ms.prod: windows-client
|
||||||
ms.localizationpriority: medium
|
ms.localizationpriority: medium
|
||||||
@ -84,7 +84,7 @@ Windows Defender SmartScreen notifies users if they click on reported phishing a
|
|||||||
|
|
||||||
For Windows 10, Microsoft improved SmartScreen (now called Windows Defender SmartScreen) protection capability by integrating its app reputation abilities into the operating system itself, which allows Windows Defender SmartScreen to check the reputation of files downloaded from the Internet and warn users when they're about to run a high-risk downloaded file. The first time a user runs an app that originates from the Internet, Windows Defender SmartScreen checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, Windows Defender SmartScreen warns the user or blocks execution entirely, depending on how the administrator has configured Microsoft Intune or Group Policy settings.
|
For Windows 10, Microsoft improved SmartScreen (now called Windows Defender SmartScreen) protection capability by integrating its app reputation abilities into the operating system itself, which allows Windows Defender SmartScreen to check the reputation of files downloaded from the Internet and warn users when they're about to run a high-risk downloaded file. The first time a user runs an app that originates from the Internet, Windows Defender SmartScreen checks the reputation of the application by using digital signatures and other factors against a service that Microsoft maintains. If the app lacks a reputation or is known to be malicious, Windows Defender SmartScreen warns the user or blocks execution entirely, depending on how the administrator has configured Microsoft Intune or Group Policy settings.
|
||||||
|
|
||||||
For more information, see [Microsoft Defender SmartScreen overview](microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md).
|
For more information, see [Microsoft Defender SmartScreen overview]().
|
||||||
|
|
||||||
### Microsoft Defender Antivirus
|
### Microsoft Defender Antivirus
|
||||||
|
|
||||||
@ -124,7 +124,7 @@ Data Execution Prevention (DEP) does exactly that, by substantially reducing the
|
|||||||
|
|
||||||
5. Click **OK**.
|
5. Click **OK**.
|
||||||
|
|
||||||
You can now see which processes have DEP enabled.
|
You can now see which processes have DEP enabled.
|
||||||
|
|
||||||
<!-- This might be a good place to mention the cmdlet that lets you see the same kind of output. -->
|
<!-- This might be a good place to mention the cmdlet that lets you see the same kind of output. -->
|
||||||
|
|
||||||
@ -296,7 +296,7 @@ Some of the protections available in Windows 10 are provided through functions t
|
|||||||
| Extension point disable to block the use of certain third-party extension points | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)<br>\[PROCESS\_CREATION\_MITIGATION\_POLICY\_EXTENSION\_POINT\_DISABLE\_ALWAYS\_ON\] |
|
| Extension point disable to block the use of certain third-party extension points | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)<br>\[PROCESS\_CREATION\_MITIGATION\_POLICY\_EXTENSION\_POINT\_DISABLE\_ALWAYS\_ON\] |
|
||||||
| Heap terminate on corruption to protect the system against a corrupted heap | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)<br>\[PROCESS\_CREATION\_MITIGATION\_POLICY\_HEAP\_TERMINATE\_ALWAYS\_ON\] |
|
| Heap terminate on corruption to protect the system against a corrupted heap | [UpdateProcThreadAttribute function](/windows/win32/api/processthreadsapi/nf-processthreadsapi-updateprocthreadattribute)<br>\[PROCESS\_CREATION\_MITIGATION\_POLICY\_HEAP\_TERMINATE\_ALWAYS\_ON\] |
|
||||||
|
|
||||||
## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit
|
## Understanding Windows 10 in relation to the Enhanced Mitigation Experience Toolkit
|
||||||
|
|
||||||
You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/topic/emet-mitigations-guidelines-b529d543-2a81-7b5a-d529-84b30e1ecee0), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore haven't been brought into Windows 10.
|
You might already be familiar with the [Enhanced Mitigation Experience Toolkit (EMET)](https://support.microsoft.com/topic/emet-mitigations-guidelines-b529d543-2a81-7b5a-d529-84b30e1ecee0), which has since 2009 offered various exploit mitigations, and an interface for configuring those mitigations. You can use this section to understand how EMET mitigations relate to those mitigations in Windows 10. Many of EMET's mitigations have been built into Windows 10, some with extra improvements. However, some EMET mitigations carry high-performance cost, or appear to be relatively ineffective against modern threats, and therefore haven't been brought into Windows 10.
|
||||||
|
|
||||||
@ -322,7 +322,7 @@ One of EMET's strengths is that it allows you to import and export configuration
|
|||||||
Install-Module -Name ProcessMitigations
|
Install-Module -Name ProcessMitigations
|
||||||
```
|
```
|
||||||
|
|
||||||
The Get-ProcessMitigation cmdlet gets the current mitigation settings from the registry or from a running process, or it can save all settings to an XML file.
|
The Get-ProcessMitigation cmdlet gets the current mitigation settings from the registry or from a running process, or it can save all settings to an XML file.
|
||||||
|
|
||||||
To get the current settings on all running instances of notepad.exe:
|
To get the current settings on all running instances of notepad.exe:
|
||||||
|
|
||||||
@ -377,7 +377,7 @@ ConvertTo-ProcessMitigationPolicy -EMETFilePath <String> -OutputFilePath <String
|
|||||||
Examples:
|
Examples:
|
||||||
|
|
||||||
- **Convert EMET settings to Windows 10 settings**: You can run ConvertTo-ProcessMitigationPolicy and provide an EMET XML settings file as input, which will generate a result file of Windows 10 mitigation settings. For example:
|
- **Convert EMET settings to Windows 10 settings**: You can run ConvertTo-ProcessMitigationPolicy and provide an EMET XML settings file as input, which will generate a result file of Windows 10 mitigation settings. For example:
|
||||||
|
|
||||||
```powershell
|
```powershell
|
||||||
ConvertTo-ProcessMitigationPolicy -EMETFilePath policy.xml -OutputFilePath result.xml
|
ConvertTo-ProcessMitigationPolicy -EMETFilePath policy.xml -OutputFilePath result.xml
|
||||||
```
|
```
|
||||||
|
|||||||
@ -40,7 +40,7 @@ For more information, see [Microsoft Pluton security processor](/windows/securit
|
|||||||
<!--6286059, 6063796-->
|
<!--6286059, 6063796-->
|
||||||
**Enhanced Phishing Protection** in **Microsoft Defender SmartScreen** helps protect Microsoft school or work passwords against phishing and unsafe usage on websites and in applications. Enhanced Phishing Protection works alongside Windows security protections to help protect Windows 11 work or school sign-in passwords.
|
**Enhanced Phishing Protection** in **Microsoft Defender SmartScreen** helps protect Microsoft school or work passwords against phishing and unsafe usage on websites and in applications. Enhanced Phishing Protection works alongside Windows security protections to help protect Windows 11 work or school sign-in passwords.
|
||||||
|
|
||||||
For more information, see [Enhanced Phishing Protection in Microsoft Defender SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen) and [Protect passwords with enhanced phishing protection](https://aka.ms/EnhancedPhishingProtectionBlog) in the Windows IT Pro blog.
|
For more information, see [Enhanced Phishing Protection in Microsoft Defender SmartScreen](/windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection) and [Protect passwords with enhanced phishing protection](https://aka.ms/EnhancedPhishingProtectionBlog) in the Windows IT Pro blog.
|
||||||
|
|
||||||
## Smart App Control
|
## Smart App Control
|
||||||
<!-- 6286281-->
|
<!-- 6286281-->
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user