If you are a Windows Defender Applications user, then there is important news for you, and it might be interesting for you to try and use, where Microsoft has released a list of recommendations. blocking rules on a number of applications that are usually used by attacker to do bypass application admission policies, including Windows Defender Applications Control.

And if you’re curious, here is the list Recommended Blocking Rules as reported from page Microsoft.

  • addinprocess.exe
  • addinprocess32.exe
  • addinutil.exe
  • aspnet_compiler.exe
  • bash.exe
  • bginfo.exe1
  • cdb.exe
  • cscript.exe
  • csi.exe
  • dbghost.exe
  • dbgsvc.exe
  • dnx.exe
  • dotnet.exe
  • fsi.exe
  • fsiAnyCpu.exe
  • infdefaultinstall.exe
  • kd.exe
  • kill.exe
  • lxssmanager.dll
  • lxrun.exe
  • Microsoft.Build.dll
  • Microsoft.Build.Framework.dll
  • Microsoft.Workflow.Compiler.exe
  • msbuild.exe2
  • msbuild.dll
  • mshta.exe
  • ntkd.exe
  • ntsd.exe
  • powershellcustomhost.exe
  • rcsi.exe
  • runscripthelper.exe
  • texttransform.exe
  • visualuiaverifynative.exe
  • system.management.automation.dll
  • wfc.exe
  • windbg.exe
  • wmic.exe
  • wscript.exe
  • wsl.exe
  • wslconfig.exe
  • wslhost.exe

According to Microsoft, unless you really need the application, it’s a good idea to block the application to increase the security of the device you are using.

For how to block it, maybe WinPoin will write in a tutorial in a future article, so stay on WinPoin, guys. Meanwhile, for more information about this you can check on the Microsoft page following.


Source link


Please enter your comment!
Please enter your name here