Due to application of quite harmless tools attackers can often avoid detection by different antivirus decisions.
Hence Microsoft recommends creation of special rule that blocks certain legitimate applications.
“Unless your use scenarios explicitly require them, Microsoft recommends that you block the following applications”, — advice in Microsoft
[1] — A vulnerability in bginfo.exe has been fixed in the latest version 4.22. If you use BGInfo, for security, make sure to download and run the latest version here BGInfo 4.22. Note that BGInfo versions earlier than 4.22 are still vulnerable and should be blocked.
[2] — If you are using your reference system in a development context and use msbuild.exe to build managed applications, we recommend that you whitelist msbuild.exe in your code integrity policies. However, if your reference system is an end user device that is not being used in a development context, we recommend that you block msbuild.exe.
“These applications and files can be used by attackers for bypassing of protective measures, for example, rule white applications list. In particular, attackers can bypass Windows Defender Application Control protection», — warns Microsoft.
Source: https://docs.microsoft.com
About Janorfeb.xyz Janorfeb.xyz pop-ups can not open out of nowhere. If you have clicked on…
About Re-captha-version-3-263.buzz Re-captha-version-3-263.buzz pop-ups can not launch out of the blue. If you have actually…
About Usavserver.com Usavserver.com pop-ups can not expose out of the blue. If you have clicked…
About Yourgiardiablog.com Yourgiardiablog.com pop-ups can not expose out of the blue. If you have actually…
About Bihanrit.xyz Bihanrit.xyz pop-ups can not launch out of nowhere. If you have actually clicked…
About Thenetaservices.com Thenetaservices.com pop-ups can not introduce out of the blue. If you have actually…