Curious about Smart App and Defender


W

wa1fhy

Member
Local time
3:05 AM
Posts
13
OS
Windows 11
Dell Inspiron 15" laptop, Win 11 Build 22631.4037.

Can someone explain the connection between the Smart App Control and Windows Defender? I have been receiving almost daily "Security Intelligence Update for MS Defender AV" as shown in Reliability Monitor.

Exactly one month after the computer was put in service, the updates have stopped. Moreover, the Smart App Control has switched from evaluation mode to Off.

I have always had Windows Defender turned off since I am using another AV product. Am I to assume that it was the Smart App Control that basically requested Defender to be updated daily?

Just curious since I'm fine with the other AV product and don't care at all about Defender Updates. It just sort of bothers me that Windows does many things behind your back over various periods of time without you really knowing what's going on.
 
Windows Build/Version
22631.4037

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Dell Inspiron 15
    CPU
    11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
    Motherboard
    Dell
    Memory
    12 GB
    Graphics Card(s)
    Integrated IrisXE
    Sound Card
    Integrated/Realtek
    Monitor(s) Displays
    15"
    Screen Resolution
    1920x1080
    Hard Drives
    NVMe Micron 2210 NVMe 512GB
    PSU
    N/A
    Case
    N/A
    Cooling
    N/A
    Keyboard
    N/A
    Mouse
    MS Optical Mouse 2.0 USB
    Internet Speed
    800 Mbps down, 20 Mbps up
Smart App Control breaks many apps, even MS made, like VisualC++, so you are not missing out anything.
It basically allows only a list of "reputable" apps plus digitately signed. You can simulate it with a tweak:
Code: 
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "1" /f
If I try to run an unsigned app, I will get a warning, till I disable the tweak, it blocks roughly 99.99% exe malware. 🙂

capture_08312024_170627.jpg
 

My Computer

System One

  • OS
    Windows 11 Home
    Computer type
    PC/Desktop
    CPU
    AMD Ryzen 5 8600G (07/24)
    Motherboard
    ASROCK B650M-HDV/M.2 3.18 (07/24)
    Memory
    2x32GB Kingston FURY DDR5 5600 MHz CL36 @4800 CL40 (07/24)
    Graphics Card(s)
    ASROCK Radeon RX 6600 Challenger D 8G @60FPS (08/24)
    Sound Card
    Creative Sound BlasterX AE-5 Plus (05/24)
    Monitor(s) Displays
    24" Philips 24M1N3200ZS/00 (05/24)
    Screen Resolution
    1920×1080@165Hz via DP1.4
    Hard Drives
    Kingston KC3000 NVMe 2TB (05/24)
    ADATA XPG GAMMIX S11 Pro 512GB (07/19)
    PSU
    Seasonic Core GM 550 Gold (04/24)
    Case
    Fractal Design Define 7 Mini with 3x Noctua NF-P14s/12@555rpm (04/24)
    Cooling
    Noctua NH-U12S with Noctua NF-P12 (04/24)
    Keyboard
    HP Pavilion Wired Keyboard 300 (07/24) + Rabalux 76017 Parker (01/24)
    Mouse
    Logitech M330 Silent Plus (04/23)
    Internet Speed
    500/100 Mbps via RouterOS (05/21) & TCP Optimizer
    Browser
    Edge & Brave for YouTube & LibreWolf for FB
    Antivirus
    NextDNS blocking 99% TLDs
    Other Info
    Backup: Hasleo Backup Suite (PreOS)
    Headphones: Sennheiser RS170 (09/10)
    Phone: Samsung Galaxy Xcover 7 (02/24)
    Chair: Huzaro Force 4.4 Grey Mesh (05/24)
    Notifier: Xiaomi Mi Band 9 Milanese (10/24)
    2nd Monitor: AOC G2460VQ6 @75Hz (02/19)
wa1fhy said:
I have always had Windows Defender turned off since I am using another AV product. Am I to assume that it was the Smart App Control that basically requested Defender to be updated daily?
Click to expand...
Incorrect assumption. SAC has no direct relation to MS Defender and doesn't require updates, though they share aspects of the cloud service. It uses the cloud reputation service and Intelligent Security Graph (ISG).
wa1fhy said:
It just sort of bothers me that Windows does many things behind your back over various periods of time without you really knowing what's going on.
Click to expand...
Do you have Periodic Scanning turned off? Defender will continue to update periodically even when you use a 3rd party AV.
 

My Computer

System One

  • OS
    Windows 11 Pro 23H2
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo IdeaPad L340
    CPU
    Intel Core i3-8145U
    Memory
    16GB
    Hard Drives
    500 GB M2 1 TB HDD
    Internet Speed
    400 MB
    Browser
    Chrome | Edge
    Antivirus
    Microsoft Defender | Block unknown executables | Various ASR rules enabled
Periodic scanning is (and has been) set to Off. Defender has been turned off since the day I got the computer. It just seemed strange to me that I received the (almost daily) security intelligence updates for Defender for exactly one month, and haven't seen any more in the last 6 days. And that was about the time I noticed that the SAC had gone from evaluation mode to permanently off mode.

Oh well, not a big deal.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    Dell Inspiron 15
    CPU
    11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
    Motherboard
    Dell
    Memory
    12 GB
    Graphics Card(s)
    Integrated IrisXE
    Sound Card
    Integrated/Realtek
    Monitor(s) Displays
    15"
    Screen Resolution
    1920x1080
    Hard Drives
    NVMe Micron 2210 NVMe 512GB
    PSU
    N/A
    Case
    N/A
    Cooling
    N/A
    Keyboard
    N/A
    Mouse
    MS Optical Mouse 2.0 USB
    Internet Speed
    800 Mbps down, 20 Mbps up
You must log in or register to reply here.

Latest Support Threads

Latest Tutorials

Back
Top Bottom