Questions tagged [windows-defender]

Use with Windows Security, which was formerly called Windows Defender Security Center.

References:
Help protect my device with Windows Security

Related tag:
Windows-Security

180 questions
0 votes, 1 answer

How to pull Defender (Microsoft 365) reports from Exchange Online Protection

Under the email collaboration in Defender365, there are a set of reports that report things such as malware detected in emails, spam blocks, etc... that I'd like to pull that aren't available on the two APIs…
0 votes, 0 answers

Windows Defender - How can I temporarily disable calls to MpCmdRun -GetDeviceTicket using registry editor

I have noticed that calls to MpCmdRun.exe GetDeviceTicket -AccessKey were causing glitches in a rendering application I am working on. I was wondering if there was a way I could temporarily disable these calls. Here is a list of what I…
vitonimal
0 votes, 1 answer

Is there a way to disable the WDAC blocked application message boxes?

I have a WDAC policy running and have been testing out enforced mode. The machines this will eventually go on cannot have notifications going to the user as this will be a single purpose machine and we can't potentially have notifications disrupting…
0 votes, 1 answer

KQL Querying MDE/MDO's API

I am researching a little bit about MDE/MDO's API capabilities for advanced threat hunting. My question is:

Is it possible to query MDE/MDO's API with KQL? Any info would be highly appreciated. Thanks. Goal: using KQL to hunt for threats utilising…
0 votes, 0 answers

API get alerts in MS Defender via Powershell script

I am trying to get alerts from the MS Defender API via a PowerShell script. However, no output is coming through. I have made an app with read rights alert.read. I have tried the first step and I get a token. (I have tried to put Uri both variable and…
0 votes, 0 answers

Windows Defender keeps blocking my application that is a project for college homework

I'm working on an application for my college homework. It will show a lot of Windows info to the user. But Windows Defender doesn't let me run the program without adding the exe to exclusions. Looks like a generic blocking. I don't want to present that for my entire…
aarcanj0
0 votes, 1 answer

MDE.Windows Azure VM extension provisioning failed

We have recently migrated Windows Server 2016 from on-prem to Azure Cloud. After that I noticed that the "MDE.Windows" extension shows a "Provisioning Failed" message. And below is the error message. Can someone help me on how to fix this? [2022-10-18…
0 votes, 0 answers

Need help getting Defender Helpdesk values from AD using PowerShell

I am wanting to audit the defender tab in AD to determine if any users have changed the Temporary Response values. They may have changed the Temporary Response Expires default value or they may have checked "Allow response to be used multiple…
0 votes, 0 answers

Windows Defender "protects" me against my own app - how to configure?

Every time I try to open one of my own .BAT files in Notepad++ (just to edit it, not to even run the batch file), I get the "Windows protected your PC" ... "prevented an unrecognized app from starting". (This happens when I right-click "Edit" on the…
nerdfever.com
0 votes, 1 answer

What's the right way to deploy my signed WDAC policy to my test VM?

I'm using a Hyper-V VM, Windows 11 22H2, to test a signed WDAC policy, specifically the fact that even administrators can't disable/remove it, so I decided to try it out. I've already successfully deployed an unsigned WDAC policy on my host and it works…
user19966204
0 votes, 0 answers

How to test a program that uses the Get-MpThreatDetection PowerShell command

I have a C# program that runs the PowerShell script Get-MpThreatDetection (which returns a list of malware found on the machine by Windows Defender) and then logs that information. I just wanted to figure out a way to test this functionality. The…
Mike
0 votes, 1 answer

Antimalware Service Executable uses High CPU and blocks running IIS .NET Core App

I have a .NET Core API on a Windows Server 2019 VPS. It's been two days now: as and when a request comes to the API, 'Antimalware Service Executable' kicks in to scan the app. This leads to high CPU use, and the API is not able to respond to any request,…
shab
0 votes, 0 answers

How to sign executable

Hi, I just created a single C script and Windows is saying "Windows Defended your computer". I tried to self-sign my executable but it's still happening. If I want to share my programs, how can I correctly sign my executable without Windows saying…
ghost
0 votes, 0 answers

mdatp install in Docker

I am trying to install Windows Defender in a Docker container, but I am facing the following error during Docker build: System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down Docker File…
0 votes, 1 answer

365 Block .exe Download

Is it possible to prevent the download and execution of files with a .exe extension using 365? I've searched across Endpoint Manager, Defender for Endpoint and Defender for Cloud Apps but can't see an obvious way of doing this. Most of my searches…