deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

SmartScreen

Browse Source
This commit is contained in:
Vinay Pamnani (from Dev Box) 2025-04-15 14:19:15 -06:00
parent 315a3495fc
commit cf00866743
3 changed files with 40 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/available-settings.md
View File

@ -1,7 +1,7 @@
--- ---
title: Available Microsoft Defender SmartScreen settings title: Available Microsoft Defender SmartScreen settings
description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings. description: A list of all available settings for Microsoft Defender SmartScreen using Group Policy and mobile device management (MDM) settings.
ms.date: 10/10/2024 ms.date: 04/15/2025
ms.topic: reference ms.topic: reference
--- ---
@ -43,13 +43,13 @@ By default, Microsoft Defender SmartScreen lets users bypass warnings. Unfortuna
To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen Group Policy and MDM settings. To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen Group Policy and MDM settings.
| Group Policy setting | Recommendation | | Group Policy setting | Recommendation |
|--- |--- | |--|--|
| Administrative Templates > Windows Components > Microsoft Edge > Configure Windows Defender SmartScreen | **Enable.** Turns on Microsoft Defender SmartScreen. | | Administrative Templates > Windows Components > Microsoft Edge > Configure Windows Defender SmartScreen | **Enable.** Turns on Microsoft Defender SmartScreen. |
| Administrative Templates > Windows Components > Microsoft Edge > Prevent bypassing Windows Defender SmartScreen prompts for sites | **Enable.** Stops users from ignoring warning messages and continuing to a potentially malicious website. | | Administrative Templates > Windows Components > Microsoft Edge > Prevent bypassing Windows Defender SmartScreen prompts for sites | **Enable.** Stops users from ignoring warning messages and continuing to a potentially malicious website. |
| Administrative Templates > Windows Components > Explorer > Configure Windows Defender SmartScreen | **Enable with the Warn and prevent bypass option.** Stops users from ignoring warning messages about malicious files downloaded from the Internet. | | Administrative Templates > Windows Components > Explorer > Configure Windows Defender SmartScreen | **Enable with the Warn and prevent bypass option.** Stops users from ignoring warning messages about malicious files downloaded from the Internet. |
| MDM setting | Recommendation | | MDM setting | Recommendation |
|--- |--- | |--|--|
| Browser/AllowSmartScreen | **1.** Turns on Microsoft Defender SmartScreen. | | Browser/AllowSmartScreen | **1.** Turns on Microsoft Defender SmartScreen. |
| Browser/PreventSmartScreenPromptOverride | **1.** Stops users from ignoring warning messages and continuing to a potentially malicious website. | | Browser/PreventSmartScreenPromptOverride | **1.** Stops users from ignoring warning messages and continuing to a potentially malicious website. |
| Browser/PreventSmartScreenPromptOverrideForFiles | **1.** Stops users from ignoring warning messages and continuing to download potentially malicious files. | | Browser/PreventSmartScreenPromptOverrideForFiles | **1.** Stops users from ignoring warning messages and continuing to download potentially malicious files. |

50
windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection.md
View File

@ -1,7 +1,7 @@
--- ---
title: Enhanced Phishing Protection in Microsoft Defender SmartScreen title: Enhanced Phishing Protection in Microsoft Defender SmartScreen
description: Learn how Enhanced Phishing Protection for Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps. description: Learn how Enhanced Phishing Protection for Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps.
ms.date: 07/10/2024 ms.date: 04/15/2025
ms.topic: article ms.topic: article
appliesto: appliesto:
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11, version 22H2</a> - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11, version 22H2</a>
@ -19,7 +19,7 @@ If a user signs into Windows using a password, Enhanced Phishing Protection work
- If users type their work or school password into a website or app that SmartScreen finds suspicious, Enhanced Phishing Protection can automatically collect information from that website or app to help identify security threats. For example, the content displayed, sounds played, and application memory. - If users type their work or school password into a website or app that SmartScreen finds suspicious, Enhanced Phishing Protection can automatically collect information from that website or app to help identify security threats. For example, the content displayed, sounds played, and application memory.
> [!NOTE] > [!NOTE]
> When a user signs in to a device using a Windows Hello for Business PIN or biometric, Enhanced Phishing Protection does not alert the user or send events to [Microsoft Defender for Endpoint (MDE)](/microsoft-365/security/defender-endpoint/). > When a user signs in to a device using a Windows Hello for Business PIN or biometric, Enhanced Phishing Protection doesn't alert the user or send events to [Microsoft Defender for Endpoint (MDE)](/microsoft-365/security/defender-endpoint/).
## Benefits of Enhanced Phishing Protection in Microsoft Defender SmartScreen ## Benefits of Enhanced Phishing Protection in Microsoft Defender SmartScreen
@ -37,7 +37,7 @@ Enhanced Phishing Protection provides robust phishing protections for work or sc
## Configure Enhanced Phishing Protection for your organization ## Configure Enhanced Phishing Protection for your organization
Enhanced Phishing Protection can be configured via Microsoft Intune, Group Policy Objects (GPO) or Configuration Service Providers (CSP) with an MDM service. These settings are available to configure your devices using either Microsoft Intune, GPO, or CSP. Enhanced Phishing Protection can be configured via Microsoft Intune, Group Policy Objects (GPO), or Configuration Service Providers (CSP) with an MDM service. These settings are available to configure your devices using either Microsoft Intune, GPO, or CSP.
| Setting | Description | | Setting | Description |
|--|--| |--|--|
@ -65,17 +65,7 @@ To configure devices using Microsoft Intune, create a [**Settings catalog** poli
Assign the policy to a security group that contains as members the devices or users that you want to configure. Assign the policy to a security group that contains as members the devices or users that you want to configure.
#### [:::image type="icon" source="../../../images/icons/group-policy.svg"::: **GPO**](#tab/gpo) #### [:::image type="icon" source="../../../images/icons/csp.svg"::: **CSP**](#tab/csp)
Enhanced Phishing Protection can be configured using the following group policy settings found under **Administrative Templates > Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection**:
- Automatic Data Collection
- Service Enabled
- Notify Malicious
- Notify Password Reuse
- Notify Unsafe App
#### [:::image type="icon" source="../../../images/icons/gear.svg"::: **CSP**](#tab/csp)
Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1]. Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][WIN-1].
@ -87,11 +77,21 @@ Enhanced Phishing Protection can be configured using the [WebThreatDefense CSP][
| **NotifyUnsafeApp** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyUnsafeApp` | Integer | | **NotifyUnsafeApp** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/NotifyUnsafeApp` | Integer |
| **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer | | **ServiceEnabled** | `./Device/Vendor/MSFT/Policy/Config/WebThreatDefense/ServiceEnabled` | Integer |
#### [:::image type="icon" source="../../../images/icons/group-policy.svg"::: **GPO**](#tab/gpo)
Enhanced Phishing Protection can be configured using the following group policy settings found under **Administrative Templates > Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection**:
- Automatic Data Collection
- Service Enabled
- Notify Malicious
- Notify Password Reuse
- Notify Unsafe App
--- ---
### Recommended settings for your organization ### Recommended settings for your organization
By default, Enhanced Phishing Protection is deployed in audit mode, preventing notifications to the users for any protection scenarios. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender. Users aren't warned if they enter their work or school password into a phishing site, if they reuse their password, or if they unsafely store their password in applications. Because of this possibility, it's recommended that you configure Enhanced Phishing Protection to warn users during all protection scenarios. By default, Enhanced Phishing Protection is deployed in audit mode, preventing notifications to the users for any protection scenarios. In audit mode, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender. Users aren't warned if they enter their work or school password into a phishing site, if they reuse their password, or if they unsafely store their password in applications. Because of this possibility, we recommend that you configure Enhanced Phishing Protection to warn users during all protection scenarios.
| Setting | Default Value | Recommendation | | Setting | Default Value | Recommendation |
|---------------------------|------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |---------------------------|------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
@ -113,6 +113,16 @@ To better help you protect your organization, we recommend turning on and using
| Notify Password Reuse | **Enabled** | | Notify Password Reuse | **Enabled** |
| Notify Unsafe App | **Enabled** | | Notify Unsafe App | **Enabled** |
#### [:::image type="icon" source="../../../images/icons/csp.svg"::: **CSP**](#tab/csp)
| MDM setting | Recommended value |
|-------------------------|-------------------|
| AutomaticDataCollection | **1** |
| ServiceEnabled | **1** |
| NotifyMalicious | **1** |
| NotifyPasswordReuse | **1** |
| NotifyUnsafeApp | **1** |
#### [:::image type="icon" source="../../../images/icons/group-policy.svg"::: **GPO**](#tab/gpo) #### [:::image type="icon" source="../../../images/icons/group-policy.svg"::: **GPO**](#tab/gpo)
| Group Policy setting | Recommended value | | Group Policy setting | Recommended value |
@ -123,16 +133,6 @@ To better help you protect your organization, we recommend turning on and using
| Notify Password Reuse | **Enabled** | | Notify Password Reuse | **Enabled** |
| Notify Unsafe App | **Enabled** | | Notify Unsafe App | **Enabled** |
#### [:::image type="icon" source="../../../images/icons/gear.svg"::: **CSP**](#tab/csp)
| MDM setting | Recommended value |
|-------------------------|-------------------|
| AutomaticDataCollection | **1** |
| ServiceEnabled | **1** |
| NotifyMalicious | **1** |
| NotifyPasswordReuse | **1** |
| NotifyUnsafeApp | **1** |
--- ---
## Related articles ## Related articles

4
windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/index.md
View File

@ -1,7 +1,7 @@
--- ---
title: Microsoft Defender SmartScreen overview title: Microsoft Defender SmartScreen overview
description: Learn how Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. description: Learn how Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files.
ms.date: 07/10/2024 ms.date: 04/15/2025
ms.topic: overview ms.topic: overview
appliesto: appliesto:
- ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a> - ✅ <a href="https://learn.microsoft.com/windows/release-health/supported-versions-windows-client" target="_blank">Windows 11</a>
@ -35,7 +35,7 @@ Microsoft Defender SmartScreen provide an early warning system against websites
- **Blocking URLs associated with potentially unwanted applications:** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus). - **Blocking URLs associated with potentially unwanted applications:** In Microsoft Edge (based on Chromium), SmartScreen blocks URLs associated with potentially unwanted applications, or PUAs. For more information on blocking URLs associated with PUAs, see [Detect and block potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus).
> [!IMPORTANT] > [!IMPORTANT]
> SmartScreen protects against malicious files from the internet. It does not protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares. > SmartScreen protects against malicious files from the internet. It doesn't protect against malicious files on internal locations or network shares, such as shared folders with UNC paths or SMB/CIFS shares.
[!INCLUDE [microsoft-defender-smartscreen](../../../../../includes/licensing/microsoft-defender-smartscreen.md)] [!INCLUDE [microsoft-defender-smartscreen](../../../../../includes/licensing/microsoft-defender-smartscreen.md)]