Home > Cyber News > Microsoft Adds Opt-In PUA Protection Feature for Enterprises
CYBER NEWS

Microsoft Adds Opt-In PUA Protection Feature for Enterprises

by   |  Last Update:  |  0 Comments  

Microsoft-Oct2014Potentially unwanted applications, also known as potentially unwanted programs (PUPs and PUAs) are a major pain for both home and enterprise users.

Considering how vulnerable an enterprise environment can be and how sneaky a suspicious browser extension is, Microsoft has decided to add an opt-in feature for enterprise machines. The new PUA protection feature is designed to stop unwanted apps on computers running the System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEO).

According to Microsoft anti-virus researchers, the new anti-PUA component will be delivered via automatic updates. In other words, the PUA protection updates will be a part of the existing definition updates and cloud protection for MS enterprise clients. Enterprise users will only have to opt into the protection feature, without needing to do any additional configuration. Once the feature is active, it will block the PUA at download and install time.

How to Activate the PUA Protection Feature:

Systems administrators can distribute the PUA protection feature as a Group Policy setting by using the following registry key policy setting according to the product version:

System Center Endpoint Protection, Forefront Endpoint Protection
Key Path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Microsoft Antimalware\MpEngine
Value Name: MpEnablePus
Note: The following configuration is available for machines that are managed by System Center Endpoint Protection.
PUA threat file-naming convention

By enabling the feature, enterprise machines will be protected against unwanted software identified to start with ‘PUA’, such as PUA.AppGraffiti.

In order for the PUA recognition to work, researcher-driven signatures identify:

  • Software bundling technologies
  • PUA applications
  • PUA frameworks

The only question that remains is why the feature is available only for enterprise computers.

References

Microsoft Technet

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. New Mirai Botnet Adds 11 Exploits in Attacks against Enterprises The infamous IoT botnet Mirai has a new variant which...
  2. Endpoint Attacks and Medical Management Endpoint attacks on medical management have become common today. Learn...
  3. The Best Linux Server Distributions in 2017 Gnu/Linux is one of the leading server operating systems due...
  4. PUA.WASMcoinminer Virus – How to Detect and Remove from Your PC This article has been created in order to help you...
  5. Symantec Endpoint Protection 14 Is All about Machine Learning Artificial intelligence is changing all aspects of the modern life,...
  6. GitHub Adds Code Scanning Feature to Recognize Security Flaws GitHub is getting a new feature that will inform the...
  7. PUA.JScoinminer Malware – How to Remove It Completely from Your PC This article aims to show you how to remove the...
  8. Intel Adds Ransomware Protection to 11th Gen vPro Processors Cybersecurity experts have been looking into ways to improve anti-ransomware...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree