Enabling Microsoft’s New Potentially Unwanted Application Feature

Enabling Microsoft’s New Potentially Unwanted Application Feature

At the end of November, Microsoft rolled out a new security capability for Enterprise users, allowing organizations to opt-in to block unwanted applications that download from a web browser. The applications are blocked during download so installation is never even accomplished. This security capability should help minimize the number of malware applications served to oblivious end-users.

For now, flipping the switch to enable this feature is a bit convoluted and definitely a manual process. I’m positive it will be improved in the future, but for now it’s a registry modification which can be wrapped into a self-created Group Policy setting.

Here’s the specifics:

* For System Center Endpoint Protection and Forefront Endpoint Protection:

Registry path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Microsoft Antimalware\MpEngine

Value name: MpEnablePus

Value (dword): 0 = off; 1 = on

* For Windows Defender:

Registry path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine

Value name: MpEnablePus

Value (dword): 0 = off; 1 = on

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish