windows 10
9 Topics

WDAC How to allow .tmp.node file by Electron app?
Hi all, I'm facing an issue with a .tmp.node file that is executed by an application called Ledger Live and written by Electron. This application generates a temporary file with a random filename in the user's Temp folder and then executes it. I tried to allow the application's folder (C:\Program Files\Ledger Live\*) and even whitelist *.tmp.node in the WDAC policy XML. But WDAC still blocked this .temp.node file from executing, as in the screenshot below. Is there a way to allow it to run or skip the Enterprise signing level check? Thanks.
2.6K Views, 0 likes, 2 Comments

Windows Unquoted Service Path Enumeration - Is this still a case in modern Windows (10, 11) ?
Hi Folks, This could be irrelevant as the issue goes back a few years and Microsoft may have already fixed it, but I just wanted to verify/confirm. The Windows Unquoted Path Enumeration vulnerability was identified back in 2013 (or maybe even earlier). In simple terms, when a service is created whose executable path contains spaces and isn’t enclosed within quotes, this leads to a vulnerability known as Unquoted Service Path, which allows a user to gain SYSTEM privileges (only if the vulnerable service is running with SYSTEM privilege level, which most of the time it is). In Windows, if the service is not enclosed within quotes and has spaces, it would handle the space as a break and pass the rest of the service path as an argument. Ref - https://medium.com/@SumitVerma101/windows-privilege-escalation-part-1-unquoted-service-path-c7a011a8d8ae So my question is, is this still a vulnerability in the modern versions of Windows 10, 11? Appreciate any inputs/recommendations!
Solved, 111K Views, 0 likes, 5 Comments

Local Administrator Password Solution locks my domain administrator
Hi everyone, We deployed LAPS in our environment, and I installed the management on our domain controller. My problem is, if I need to log in to a managed computer with the local administrator, it locks my domain administrator account... I don't understand why. Googling this didn't help me. Can anyone help? Rahamim.
782 Views, 0 likes, 0 Comments

Intune Bitlocker for USB/external drive (Missing policy for Azure AD Join scenario)
When we enable Intune policy: Block write access to devices configured in another organization in Intune Bitlocker policy, we also need to deploy an on-prem GPO policy: Provide unique identifier for your organization. This will allow the PC to differentiate the Org it belongs to. The GPO policy: Provide unique identifier for your organization is missing in Intune. Because of this we cannot use Intune policy: Block write access to devices configured in another organization. Looking for suggestions on how we implement Block write access to devices configured in another organization in Intune for Azure AD Join (not hybrid domain join)?
1.2K Views, 0 likes, 0 Comments

Why is MsMpEng.exe still scanning excluded directories
The MsMpEng.exe process is very active in our environment. Checking with Process Monitor filtered on MsMpEng.exe, I can see it is very busy scanning my ISO directory, but I excluded that directory in real-time scanning in Defender long ago. Why is it still scanning that directory? I also see it scanning many others I excluded. Will Azure Intune rules overwrite local configurations? If so, wouldn't it gray them out? I am able to set exclusions.
3.2K Views, 1 like, 1 Comment

Run a Windows Defender scan in Windows 10 using PowerShell
Folks, Windows 10 by default doesn't have periodic scanning enabled; to enable that I have to toggle the switch, then I am able to scan. I am looking for a PowerShell command that can flip this on and another command to get scan results once the scan is finished.
3.5K Views, 0 likes, 1 Comment

window security
Hi, I have just tried to open a file which I previously encrypted some months ago and for the first time I thought a message saying. I am operating with W10. "Está cerrando un archivo o tener acceso a Un archivo cifrado usando una tarjeta inteligente. Escriba el pin de su tarjeta inteligente"
1.3K Views, 0 likes, 1 Comment

feature request: Windows Defender Antivirus - add "scan running processes"
feature request: Windows Defender Antivirus - add "scan running processes" scan for dead/multiple or dangerous processes or clean memory... most virus scanners only check files on drive, not running processes within memory.. and maybe add a rule to block a dangerous process.. André
2.5K Views, 0 likes, 1 Comment