Security recommendations

Related Component

Security controls (Antivirus)

The Microsoft Defender Antivirus status reflects the real-time protection disabled, posing a risk to essential AV functions. To mitigate, adjust the Group Policy to set real-time protection to “Disabled” or “Not Configured.” Enabling scanning of removable drives during full scans is crucial for Windows 10 (version 1709+), safeguarding against external malicious software. Setting the Group…

Categories

We provide a comprehensive list of vulnerabilities and remediation options on this page for our visitors’ reference. However, we would like to inform you that EireaNet, Inc. offers a free of charge automated mitigation service to our monthly subscribers. This service is designed to detect and remediate any vulnerabilities or other security issues on your system. Our mitigation service is constantly updated with the latest threats and vulnerabilities, ensuring that our subscribers are always protected against the latest security threats.

In addition to the automated mitigation service, EireaNet, Inc. also provides personalized consulting for businesses that require a more tailored approach to their security needs. Our team of experts can conduct thorough security assessments and provide customized recommendations to address specific vulnerabilities within your system. This personalized consulting service aims to empower businesses with the knowledge and tools to enhance their overall security posture and mitigate potential risks effectively.

We understand the critical importance of staying ahead of evolving security threats, which is why we remain dedicated to continuously updating our mitigation service and staying informed about emerging vulnerabilities. By offering both automated and personalized solutions, we aim to cater to the diverse security needs of our subscribers, ultimately contributing to a more secure digital environment for all.

Turn on real-time protection

Description

This status indicates that Microsoft Defender Antivirus real-time protection is disabled.

Potential risk

Not having real-time protection enabled will cause important AV functionalities to not work.

Remediation options

Set the following Group Policy:
Computer Configuration\Administrative Templates\Windows Components\(Windows|Microsoft) Defender Antivirus\Real-time Protection\Turn off real-time protection
To one of the following values: Disabled or Not Configured

Enable scanning of removable drives during a full scan

Description

This setting controls whether or not to scan for malicious software and unwanted software in the contents of removable drives, such as USB flash drives, when running a full scan.

This security control is only applicable for machines with Windows 10, version 1709 or later.

Potential risk

Scanning removable drives is extremely important, as they are more likely to contain malicious software and files brought into the enterprise managed environment from an external, unmanaged environment.

Remediation options

Set the following Group Policy:
Computer Configuration\Policies\Administrative Templates\Windows Components\(Windows|Microsoft) Defender Antivirus\Scan\Scan removable drives
To the following value: Enabled

Enable Microsoft Defender Antivirus real-time behavior monitoring

Description

Determines whether Microsoft Defender Antivirus monitors file processes, file and registry changes, and other events on your endpoints for suspicious and known malicious activity.

Potential risk

Disabling behavior monitoring will reduce your ability to detect suspicious activity that could indicate a breach.

Remediation options

Set the following Group Policy:
Computer Configuration\Administrative Templates\Windows Components\(Windows|Microsoft) Defender Antivirus\Real-time Protection\Turn on behavior monitoring
To the following value: Enabled

Turn on PUA protection in block mode

Description

Enabling Potentially Unwanted Application (PUA) protection in block mode will block and automatically quarantine potentially unwanted applications. PUA protection blocking takes effect on endpoint clients after the next signature update or computer restart.

Potential risk

Not having PUA in Block mode enabled leaves your machines vulnerable to unwanted applications with potentially malicious behavior.

Remediation options

Enable PUA protection in Block mode using one of the methods described in this documentation.

Turn on Microsoft Defender Antivirus

Description

Determines whether Microsoft Defender Antivirus is configured to run and scan for malware and other potentially unwanted software.

Potential risk

Not having a current, updated antivirus product scanning each computer for malicious file activity exposes the organization to malware or other potentially unwanted software.

Remediation options

Ensure that Microsoft Defender Antivirus is enabled using one of the methods described here.

Already a client?

We are here to help!

Reach our friendly support team!

Have questions or need a hand?

Fill out the form and let us know how we can help with your technology needs.

← Back

Congratulations !

You’re One Step Away from Proactive IT Services! nnOne of our Team members will reach out to you within 24 hours.

Vulnerability mitigation

All our monthly subscribers enjoy our automated remediation options

free of charge

Application (Adobe Acrobat)

Application (MS Edge | IE)

Application (Microsoft Office)

Application (Google Chrome)

Security controls (Firewall)

Security controls (Exploit Guard)

Operating system

Network

Accounts

Our Promise

Deliver The Highest Quality of service

Our team comprises experienced professionals with expertise in handling all your IT needs. We use the latest technologies and industry best practices to keep your business safe and secure and are always available to provide fast and friendly support whenever you need it

Get To Know Us!

Contact Us

Interested in our services? Would you like us to contact you? Please submit this form and we’ll get back to you right away.

← Back

Your message has been sent!

Thank you for considering our company. We will be in touch soon.

Business Hours.

Our Managed Detection and Response (MDR) services provide advanced threat detection and response capabilities to safeguard your organization against cyber threats. Our team of security experts monitors your network 24/7 and provides real-time threat detection and rapid response to any potential threats.

Monday: 9:00 am – 5:00 pm
Tuesday: 9:00 am – 5:00 pm
Wednesday: 9:00 am – 5:00 pm
Thursday: 9:00 am – 5:00 pm
Friday: 9:00 am – 5:00 pm
Saturday: Closed
Sunday: Closed

After Hours IT Support is available at additional rates.

Security recommendations

Security controls (Antivirus)

Our Services

IT Consulting

Co-Managed IT

Cybersecurity

IT Services Plans

Turn on real-time protection

Description

Potential risk

Enable scanning of removable drives during a full scan

Description

Potential risk

Enable Microsoft Defender Antivirus real-time behavior monitoring

Description

Potential risk

Turn on PUA protection in block mode

Description

Potential risk

Turn on Microsoft Defender Antivirus

Description

Potential risk

Congratulations !

Vulnerability mitigation

free of charge

Application (Adobe Acrobat)

Application (MS Edge | IE)

Application (Microsoft Office)

Application (Google Chrome)

Security controls (Firewall)

Security controls (Exploit Guard)

Operating system

Network

Accounts

Our Promise

Deliver The Highest Quality of service

Contact Us

Your message has been sent!

Business Hours.