Discussion:
[wpkg-users] Windows 10 1709 Exploit Guard
Marco Schmidt
2017-12-01 11:18:13 UTC
Permalink
This script contains malicious content and has been blocked by your
antivirus software.

Maybe you already came across this sentence in the eventlog of Windows
10, while WPKG tries to install something.

It reminds me what Linus Torvalds said some weeks ago.

http://lkml.iu.edu/hypermail/linux/kernel/1711.2/01701.html

Now I understand better, what he meant.

Because the system (Windows) is insecure by default, the Defender just
blocks everything, which makes it nearly impossible to use WPKG on
Windows 10 (1709).

Even a simple "copy" (local) is blocked !!!

Microsoft recommends to add "Exceptions" ...

https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-controlled-folders-exploit-guard


I do not want to disable the defender completely, but I have not found a
way to stop the "Exploit Guard".

Any ideas?
How do you manage to use WPKG with Windows 10 (1709)?

Thanks.

Greetings ...
Marco
---------------------------------
wpkg-users mailing list archives >> http://lists.wpkg.org/pipermail/wpkg-users/
h***@horiba.com
2017-12-01 12:40:59 UTC
Permalink
Date: 01.12.2017 12:27
Subject: [wpkg-users] Windows 10 1709 Exploit Guard
This script contains malicious content and has been blocked by your
antivirus software.
Maybe you already came across this sentence in the eventlog of Windows
10, while WPKG tries to install something.
actually - no...
Any ideas?
How do you manage to use WPKG with Windows 10 (1709)?
Just kept using it (via WPKG-GP running as a user with administrative
rights (not SYSTEM)).

No problems here, vanilla 1709 pro, all security policies on default.

There's still the problem that Windows 10 ignores GPEs most of the time
for unknown reasons, but it works via the Tray-Icon.

Best Regards
Heiko
Adam Thorn
2017-12-01 12:55:31 UTC
Permalink
Post by h***@horiba.com
Date: 01.12.2017 12:27
Subject: [wpkg-users] Windows 10 1709 Exploit Guard
This script contains malicious content and has been blocked by your
antivirus software.
Maybe you already came across this sentence in the eventlog of Windows
10, while WPKG tries to install something.
actually - no...
Likewise, no problem running wpkg on my 1709 Win10 machines. From the
comments in Marco's link, it appears:

* Exploit Guard is disabled by default
* Exploit Guard can't be used if you have 3rd party antivirus (which I do)

Adam
---------------------------------
wpkg-users mailing list archives >> http://lists.wpkg.org/pipermail/wpkg-users/
Loading...