CYBER NEWS

Microsoft Adds Opt-In PUA Protection Feature for Enterprises

Microsoft-Oct2014Potentially unwanted applications, also known as potentially unwanted programs (PUPs and PUAs) are a major pain for both home and enterprise users.

Considering how vulnerable an enterprise environment can be and how sneaky a suspicious browser extension is, Microsoft has decided to add an opt-in feature for enterprise machines. The new PUA protection feature is designed to stop unwanted apps on computers running the System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEO).

According to Microsoft anti-virus researchers, the new anti-PUA component will be delivered via automatic updates. In other words, the PUA protection updates will be a part of the existing definition updates and cloud protection for MS enterprise clients. Enterprise users will only have to opt into the protection feature, without needing to do any additional configuration. Once the feature is active, it will block the PUA at download and install time.

How to Activate the PUA Protection Feature:

Systems administrators can distribute the PUA protection feature as a Group Policy setting by using the following registry key policy setting according to the product version:

System Center Endpoint Protection, Forefront Endpoint Protection
Key Path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Microsoft Antimalware\MpEngine
Value Name: MpEnablePus
Note: The following configuration is available for machines that are managed by System Center Endpoint Protection.
PUA threat file-naming convention

By enabling the feature, enterprise machines will be protected against unwanted software identified to start with ‘PUA’, such as PUA.AppGraffiti.

In order for the PUA recognition to work, researcher-driven signatures identify:

  • Software bundling technologies
  • PUA applications
  • PUA frameworks

The only question that remains is why the feature is available only for enterprise computers.

References

Microsoft Technet

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...