Users of modern versions of Windows 11 have a powerful security feature for keeping their devices secure, known as Smart App Control. I’ve talked about this feature a few times over the last year, but in April 2026, a powerful improvement landed. Previously, Smart App Control could not be turned back on if you everContinue reading “Smart App Control”
Category Archives: security
Attack Techniques: RMM Abuse
After you sign up on the Social Security Administration’s website, they’ll send you a yearly email inviting you to check out your benefits. Flipping through my Junk Mail folder this afternoon, I found the following email: It looks reasonably plausible, except for the return address (cuonlineedu.in, a university in India). I’m always game to lookContinue reading “Attack Techniques: RMM Abuse”
Understanding Defender AV Scans
Microsoft Defender Antivirus Defender is intended to operate silently in the background, without requiring any active attention from the user. Because Defender is included for free as a component of Windows, it doesn’t need to nag or otherwise bother the user for attention in an attempt to “prove its value”, unlike some antivirus products thatContinue reading “Understanding Defender AV Scans”
Windows: Choose Where To Get Apps
Modern versions of Windows offer a setting named “Choose where to get apps” which can reduce attack surface by limiting the locations from which applications can be installed. Internally, we’ve called this feature “Smart Install”. By default, this option is set to “Anywhere“, which means that Windows will allow an executable downloaded from the InternetContinue reading “Windows: Choose Where To Get Apps”
Security Software False Positives
Software developers and end-users are often interested in understanding how to resolve incorrect detections from their antivirus/security software, including Microsoft Defender. Such False Positives (FPs) can disrupt your use of your device by incorrectly blocking innocuous files or processes. However, you should take extreme care before concluding that a given detection is a false positiveContinue reading “Security Software False Positives”
text/plain 