Thanks for the new build Now that Windows 10 Fall Creators Update has been released it would be good to know what to do with the new Exploit Guard (integrated EMET features). I'm assuming we should turn off all of the mitigations in Exploit Guard, but it would be good to hear from you and Erik about it.
@markloman Can you give some guidance re https://www.wilderssecurity.com/thr...iscussion-thread.324841/page-572#post-2712801 Maybe in that main non-beta thread? Edit: @Victek you beat me to it .
Still can't image with Credential protection on. The imaging process fails because of the SAM file being protected. Having it write to the event log doesn't help. Pete
Windows 10 16299.19/Alert 718 beta. Still can't get the Block Untrusted Fonts to stay enabled after closing the interface. It is cleanly installed. On the other hand, dism and sfc complete normally now, so that issue was a prob w/machine. Doesn't look to be a startup/shutdown issue with VoodooShield 4.08 beta either.
HitmanPro.Alert build 604, the current public non-beta, is compatible with Fall Creators Update (1709). Build 718 of HMPA is also compatible with Windows 10 Fall Creators Update (1709). It is even compatible with Exploit Guard introduced with Fall Creators Update. If you applied Windows 10 exploit protection to applications also protected by HMPA, the 'payload restrictions' from Windows 10 are unloaded by HMPA and the mitigations offered by HMPA are applied instead. Note that most exploit mitigations offered by HMPA are actually more comprehensive and faster than the exploit protection introduced with Windows 10 build 1709.
Thanks @markloman, based on your statements, it doesn't seem logical to have both enabled at the same time. So, Defender's mitigations will remain disabled here for now. Since my post above might get overlooked, here is one of several entries in Event Viewer regarding Block Untrusted Fonts. Again, Alert 7.18 beta was installed after all ProgramData files were deleted.
Thank you for confirming this Mark! What about the Windows Updates being blocked for months? (I will install this beta and see what happens)
HMPA 3.7.0 build 318 still does not like HMP 3.7.20 that it started itself... Code: Mitigation CredGuard Platform 10.0.16299/x64 v718 06_17* PID 8656 Application C:\Program Files\HitmanPro\HitmanPro.exe Description HitmanPro 3.7.20 \REGISTRY\MACHINE\SAM\
Had to uninstall because this error was popping up every few seconds when running Firefox 56.0.1 (64-bit) and a beta version of 1Password: Code: 1Password.NativeMessagingHost has stopped working 1Password runs fine with HMP.A uninstalled.
Starting from this build, "718" I cannot start AdguardSvc.exe, error code 0x000000005, suggesting there is some .dll injection inside that, that prevent to start the service. Same thing with SimpleDNSCrypt I cannot start it. Revert back to previous build "717", both work fine. https://github.com/AdguardTeam/AdguardForWindows/issues/1974 Also there are problems in both builds "717" and "718" on doing usb unmount.
Well thanks for letting me try it out. Games that Uplay launch (FarCry 3,4 and probably 5 are unplayable. Reported over 4 months ago. Moving on.
Beta 718 - Mailwasher Pro and IaStorIcon will not start. System errors, no HMPA errors. Tried disabling mitigations and risk reduction factors, no joy. Rolled back to 717.
Same as focus, IaStorIcon won't start and Webroot Filtering Extension in all browsers not working. Rolled back to 717 as well.
This should no longer be the case if you have renamed/deleted the excalibur.db If anyone still has this issue and has not applied the workaround please raise it again.
https://www.wilderssecurity.com/threads/hitmanpro-alert-beta.394398/page-24#post-2711611 I had previously applied the workaround. Will keep an eye on this with FCU, and now 718.
May I hope a workaround will not be required when later the HitmanPro.Alert 3.7 release version is issued? A workaround is OK for a beta, but when the release version is issued there should be no workaround required.
I apologize if this was an issue previously discussed. Here is a mitigation alert involving HitmanPro scanner: Should Credential Theft Protection remain disabled on the beta? Windows 10 16299.19/Alert 718 beta
HitmanPro.Alert 3.7.0 build 719 BETA Fixes ( compared to build 718 ) Solved compatibility issue with certain .NET applications (incl. AdGuard and SimpleDNSCrypt). Download No longer available due to bug found This build has drivers co-signed by Microsoft, thus runs on machines with Secure Boot enabled as well. Please let us know how this version runs on your machine
Hello @markloman. First installed the Alert 719, then ran HitmanPro from within- and outside of- Alert interface and this is perfect now. Residual issue is still a failure to enable Block Untrusted Fonts from both machines, each running release and beta respectively and sharing nothing in common via networking. This is partially resolved with machine running Windows 10 Pro as it's now enabled in the OS via group policy. Thanks!
Beware that the Block Untrusted Fonts feature of Windows 10 (used by HitmanPro.Alert) become deprecated. More details here: https://blogs.technet.microsoft.com...dropping-the-untrusted-font-blocking-setting/ We will be removing this specific feature from HitmanPro.Alert soon.