Interesting AV article

Page 1 of 2 12 LastLast
  1. dencal's Avatar
    Posts : 2,844
    W10 Pro + W10 Preview
       #1
      My Computers

  2. Try3's Avatar
    Posts : 4,316
    Windows 10 Home x64 Version 1909 Build 18363.778
       #2

    Interesting but his comment about Admin accounts is strange. He wrote

    Second, run Windows as a standard user, not as an administrator. (MacOS and Linux users already do this.) Running as a standard user may eliminate 90% of threats.”

    Since even Admin user accounts are initially logged in using Standard level user tokens rather than Admin level user tokens, how can it make any difference? Surely his comment only applies to network admin accounts as they can routinely be set up to run with their Admin tokens.

    MS removed their warnings about running in Admin accounts in June 2013.

    Denis
      My Computer

  3. TairikuOkami's Avatar
    Posts : 4,116
    Home 2004 x64 10.0.19041.264
       #3

    Try3 said:
    Since even Admin user accounts are initially logged in using Standard level user tokens rather than Admin level user tokens, how can it make any difference? Surely his comment only applies to network admin accounts as they can routinely be set up to run with their Admin tokens.
    Running as Standard user is way safer than running as admin with UAC at max.
    Obviously, it is not for everyone, it would drive me nuts to use SUA, I prefer admin.

    dencal said:
    Favoring Defender.
    WD is actually doing pretty good, for the first time in forever.

    http://chart.av-comparatives.org/chart1.php
      My Computer

  4. dencal's Avatar
    Posts : 2,844
    W10 Pro + W10 Preview
    Thread Starter
       #4

    TairikuOkami said:
    WD is actually doing pretty good, for the first time in forever.

    http://chart.av-comparatives.org/chart1.php
    Impressive M$ results which I believe would not have included the latest updated version as in Build 1703.

    Have been using Bitdefender free which have also found impressive, and will continue to use until M$ have properly sorted out the bugs in its latest Build 1703 version of Defender Security Center.
      My Computers

  5. TairikuOkami's Avatar
    Posts : 4,116
    Home 2004 x64 10.0.19041.264
       #5

    I am a bit disappointed though, MS has promised to include ATP on all Windows version since CU.
    I have noticed some ATP keys only on Pro, but not sure, if it works. I have no idea, how to test it.

    Windows Defender Advanced Threat Protection for Windows 10 in the Creators Update. - YouTube
      My Computer

  6. dencal's Avatar
    Posts : 2,844
    W10 Pro + W10 Preview
    Thread Starter
       #6

    Was under impression ATP is only available to corporate business on subscription.
      My Computers


  7. Superfly's Avatar
    Posts : 3,271
       #7

    dencal said:
    Impressive M$ results
    .. nearly fell off my chair... gotta give credit where it's due - well done to them.
      My Computer

  8. lx07's Avatar
    Posts : 5,477
    1903
       #8

    TairikuOkami said:
    Running as Standard user is way safer than running as admin with UAC at max.
    We all know this but how many do?

    I don't. I know I should but I don't.

    I think I might see if I can do a poll here just out of curiosity. Perhaps it would be interesting.

    What would be a good list of responses?

    • I normally run as Standard User
    • I normally run as Admin because that was the default.
    • It is my PC so I run as Admin and turned off UAC.
    • It is my PC so I run as the built in Administrator as I liked XP.
    • I don't understand the question
      My Computer

  9. lx07's Avatar
    Posts : 5,477
    1903
       #9

    Try3 said:
    Since even Admin user accounts are initially logged in using Standard level user tokens rather than Admin level user tokens, how can it make any difference?
    Because, by default, it is trivial to elevate a job and bypass UAC.

    If you are running as a standard user you can't.

    This particular technique can be remediated or fixed by setting the UAC level to “Always Notify” or by removing the current user from the Local Administrators group.
    UAC Bypass Using eventvwr.exe and Registry Hijacking | enigma0x3
      My Computer

  10. TairikuOkami's Avatar
    Posts : 4,116
    Home 2004 x64 10.0.19041.264
       #10

    lx07 said:
    I think I might see if I can do a poll here just out of curiosity. Perhaps it would be interesting.
    Indeed, but I do not think, you will get many, if any, SUA users here, for the record:

    For daily use, do you prefer to run as Administrator or Standard user? | Wilders Security Forums

    lx07 said:
    What would be a good list of responses?

    • I normally run as Standard User
    • I normally run as Admin because that was the default.
    • It is my PC so I run as Admin and turned off UAC.
    • It is my PC so I run as the built in Administrator as I liked XP.
    • I don't understand the question
    Maybe simplify it a bit (shorten), like:

    What kind of user account do you use?

    • Standard User
    • Default Admin
    • Admin with UAC set to Never Notify
    • Admin with UAC off (via GPO/registry)
    • Built in Administrator
    • No idea


    By the way, since CU, store apps work with UAC really disabled.

    Run Windows Store Apps With UAC Disabled in Windows 10 - Winaero
      My Computer


 
Page 1 of 2 12 LastLast

Related Threads
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 11:01.
Find Us




Windows 10 Forums