Back

gHacks

Test Windows Defender Antivirus (or other security software)

2018-05-16 15:03:24

Windows Defender Antivirus is the default security application for devices running Microsoft's Windows operating system.

Like Windows Firewall, it may not offer the best protection or functionality, but it is there to protect systems directly after setup.

The installation of another security program replaces Windows Defender on the system and takes its role to block attacks.

Regardless of whether Windows Defender or another security software is protecting the device, you may want to test the protection to make sure it works correctly.

We covered a couple of methods to test security software in the past: check out our articles on Comodo Leaktest or the Eicar test.

Windows Defender Antivirus tests

windows defender tests

Microsoft maintains two test sites for Windows Defender security tests. The first, called Windows Defender SmartScreen Demo Pages, is all about SmartScreen protection.

SmartScreen Filter is a component of Windows Defender designed to protect against malicious sites, downloads and programs.

Note: none of the pages or tests are malicious. They are designed to appear malicious to find out if running security software protects the system against different attack types.

The following tests are available:

  • Is This Phishing -- Displays a suspicious page warning and prompts the user for action.
  • Phishing Page -- Known phishing page that the security software should block.
  • Malware Page -- A page used to host malware. It should be blocked.
  • Blocked Download -- A download starts on page load. That downloaded should be blocked because of the URLs reputation.
  • Exploit Page -- A page designed to attack browser vulnerabilities.
  • Malvertising -- A page that embeds advertising that is considered malicious.
  • Known Good Program -- The program should not be blocked.
  • Unknown Program -- Windows Defender SmartScreen should display a warning page.
  • Known Malware -- SmartScreen should block the program.

Click on any of the available tests to run them. Again, none of the tests are malicious but they are designed to appear as if they are.

Windows Active Defense is the name of the second test page. Some of the tests require that you sign in on the site, others can be run without signing in.

The following tests and options are available:

  • Cloud Delivered Protection -- Test cloud-delivered protection on the computer.
  • Potentially Unwanted Applications (PUA) -- Downloads a fake PUA file to test whether potentially unwanted programs are blocked.
  • Network Protection -- Loads a suspicious URL to test the network protection.
  • Exploit Protection -- Apply custom Exploit protection settings
  • Controlled Folder Access -- Download the Controlled Folder Access test tool.
  • Block at First Sight (sign-in required) -- With the feature, new files will be analyzed and blocked shortly after on any computer.
  • Attack Surface Reduction (sign-in required) -- Downloads samplees to trigger ASR rules.

Some of the tests require preparation before they can be run. A click on a test describes the test scenario and setup.

Closing Words

The tests are designed specifically for Windows Defender Antivirus. While third-party antivirus solutions may block certain simulated malicious activities as well, some tests won't deliver the desired results unless Windows Defender Antivirus is used.

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Test Windows Defender Antivirus (or other security software) appeared first on gHacks Technology News.

Read more

Windows 10 version 1803 microcode update KB4100347

2018-05-16 08:18:34

KB4100347 is a new update for the latest version of Windows 10, Windows 10 version 1803, which Microsoft released on April 30, 2018 to the public.

The feature update has its fair share of issues; users complain about incompatibilities with certain Solid State Drives, bluescreens, missing network devices, and other issues.

One of the things that I noticed right away after installing the April 2018 Update for Windows 10 on a test system was that it did not include the microcode update that protects it from Spectre attacks.

What made this particularly problematic was that Microsoft released microcode updates for previous versions of Windows 10. Systems went from a protected state to an unprotected one in worst case if users or administrators installed the microcode update on devices running previous versions of Windows 10 before running the upgrade to the latest version.

Tip: you can run the free software inSpectre to find out if a Windows PC is patched and whether microcode updates are available.

KB4100347

kb4100347 microcode update windows 10 1803

It took Microsoft two weeks to release the microcode update for Windows 10 version 1803 that protects devices against Spectre attacks. The company released KB4100347 on May 15, 2018. The update is available through Windows Update and the Microsoft Update Catalog website and compatible with Windows 10 version 1803 and Windows Server 2016 Version 1803 (Server Core)

Windows devices configured to download available updates automatically through Windows Update will get the microcode update automatically provided that a supported processor is installed on the machine.

You can check the list of supported processors on Microsoft's Support website. It includes Kaby Lake, Coffee Lake, Broadwell, SkyLake, Haswell, Ivy Bride, and Sandy Bridge processors. Microsoft plans to update the Windows update to support additional processors.

You may download the update from the Microsoft Update Catalog website as well. It has a size of just 1 Megabyte and can be installed on machines running Windows 10 version 1803 or Windows 10 Server 2016.

Note that the installation will only succeed if a supported processor is installed on the machine the update is executed on.

Closing Words

The microcode updates for Windwos 10 version 1803 are finally available. The release removes one reason for staying on an earlier version of Windows 10. It is still too early to upgrade to Windows 10 version 1803 but users and admins who upgraded PCs to the new version may want to install it asap to protect the device against Spectre-based attacks. (via Deskmodder)

Related articles

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Windows 10 version 1803 microcode update KB4100347 appeared first on gHacks Technology News.

Read more

Ghacks Deals: Heimdal Pro Anti-Malware Lifetime (88% off)

2018-05-16 07:36:23

Heimdal Pro is a complimentary security solution that you run next to dedicated anti-malware or anti-virus solutions. The software program is compatible with Windows 7 and newer versions of Windows.

Heimdal Pro adds another security layer to the operating system that monitors Internet traffic and stops various types of malicious software before it has a chance to infect the system.

It protects against ransomware, DNS hijacking, malicious redirects, software exploits and more.

You can grab a 1 PC or 4 PC lifetime subscription of Heimdal Pro Anti-malware. The 1 PC offer is available for $29.99, the 4 PC offer for $49.99.

Click here to open the Heimdal Pro deal on Ghacks Deals

Not for you?

If this particular offer is not for you, you may want to check out other security deals (with huge discounts) on Ghacks Deals.

Fine print: make sure that you check out the specs and terms of the deal.

Disclosure: The deal is provided by StackCommerce in partnership with Ghacks Technology News; you need a StackCommerce account to participate in giveaways or make purchases. Check out the privacy policy and Terms of Service here.

Ghacks Technology News benefits from sales made on the Ghacks Deals website through a revenue share agreement. All revenue goes towards the running costs.

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Ghacks Deals: Heimdal Pro Anti-Malware Lifetime (88% off) appeared first on gHacks Technology News.

Read more

Microsoft releases KB4134661 and KB4134660 for Windows 10

2018-05-16 06:42:55

Microsoft released the two updates KB4134661 and KB4134660 for Windows 10 version 1703 and Windows 10 version 1709 yesterday.

The two updates have the same description:

This Windows update provides a notification of an improved privacy experience on upgrade to the Windows 10 April 2018 release.

Microsoft provides no further explanation on the update. The updates have a size of about 230 Kilobytes only, and are distributed through Windows Update to all machines running Windows 10 version 1703 or 1709.

KB4134661 KB4134660

Windows users can run a manual check for updates to download and install the update on supported PCs.

  1. Use the shortcut Windows-I to open the Settings application.
  2. Go to Update & Security.
  3. Click on the "check for updates" button.

Windows 10 should pick up the new update and install it on the target device. The update is available as a standalone download and installation on the Microsoft Update Catalog website as well.

Click on one of the following links to jump to the listing on Microsoft's download website:

  • KB4134661 on Microsoft Update Catalog website.
  • KB4134660 on Microsoft Update Catalog website.

The updates are standalone updates and not cumulative. They don't change the build of the Windows installation or include previously released updates.

Closing Words

Microsoft's description is vague and it is not clear right now what these updates do when they are installed. The most likely explanation is that they inform users about the improved privacy options during setup which Microsoft added to Windows 10 version 1803.

Microsoft added two new switches to the privacy options during Windows 10 Setup: Find my device and improve inking & typing. Find my device uses the device's location data to inform you where it is in case you misplaced it or in cases where it has been stolen. Improve inking & typing on the other hand defines whether inking and typing data is submitted to Microsoft.

The description suggests that the update is not essential when it comes to the upgrade experience to Windows 10 version 1803 as it appears to add no fixes for existing issues.

I suggest that you wait with the installation of KB4134661 and KB4134660 to see if they introduce any new bugs or issues. You may also want to wait running the upgrade to Windows 10 version 1803 as the new version is riddled with bugs right now. It does not play well with certain Solid State Drives, and has a huge number of other issues and bugs that Microsoft has yet to address. (via Deskmodder)

Ghacks needs you. You can find out how to support us here or support the site directly by becoming a Patreon. Thank you for being a Ghacks reader. The post Microsoft releases KB4134661 and KB4134660 for Windows 10 appeared first on gHacks Technology News.

Read more