Hi, Win 10 automatically re-enables firewall rules that have been deliberately disabled. Like for Photos, Xbox and several others. These are apps that are not being used. What could be done?
Idk about Windows Firewall, but you can use a 3rd party firewall if you want finer control and other features
This works as expected. Depending on the features/programs that are required, the operating system will enable/disable certain firewall rules based on their group name. You can use Windows Firewall Control to remove these rules (you don't use them anyway) and enable Secure Rules so that they won't be recreated again.
Unless you are on a Home version without access to it, you could rely on the Group Policy firewall instead.
1) Export the existing (desired) firewall rules to a .wfw
2) Run gpedit.msc > Local Computer Policy > Windows Settings > Security Settings > Windows Defender Firewall with Advanced Security
3) Import the .wfw you saved
4) Open up the properties and then for each of the 3 'profile' tabs go to > settings > customize > apply local firewall rules = no
5) Remember to add any new rules or make changes here instead or they won't get applied.
Then apps you install or Windows apps, updates etc. can 'enable', add, remove to their heart's content in the normal firewall area and the rules will simply be ignored, applying only those existing in GP.
Or a Windows Firewall front-end GUI, there are some good ones like binisoft/Malwarebytes WFC, easy to use, quite efficient and free. About the OP's question, he can just export his settings and import them back after the updates/upgrades.
Windows Firewall rules are in the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules. By manipulating permissions to it, you can prohibit or allow changes to the firewall rules. There are solutions in the form of .bat + subinacl.exe.
Someone already tried that and it resulted in BSOD. I remove all rules daily and then re-apply mine.
Code:
netsh advfirewall firewall delete rule name=all
Blocking firewall rules cannot lead to BSOD. I block with .bat + subinacl.exe, and everything works fine.
Blocking firewall rules does not, but blocking permissions for system processes can, because it is unexpected behaviour and it can result in a crash.
Blocking firewall rules through locking the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules (including blocking permissions for system processes) causes no errors or BSOD.
It's almost impossible to control creation/deletion of Win 10 firewall rules. For example, every time a Win 10 store app is updated, its file name changes. The OS will delete any existing firewall rules and create new ones for the app. Much worse is recent Adobe Reader DC behavior I have observed. Every time a .pdf is opened via browser, Reader will delete its existing firewall rule (why one exists is beyond me) and create a new firewall rule. Believe it's either protected mode or appcontainer causing this but, as expected, Adobe is of zip help with the behavior.
I tried using Task Scheduler to automatically re-import an exported set of rules, but now MS disallows that. Manually importing previously exported rules is fine, just not a scheduled one. Found a solution. BiniSoft's Windows Firewall Control. It has a Secure Rules feature, and correctly blocks all changes. Let's see what MS's next move is.
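Added example, not part of any post in this thread: a PowerShell sketch for detecting the behaviour discussed above (rules re-enabled, deleted or recreated by the OS or by apps) by comparing a saved snapshot of the rule set with the current one. `Get-RuleSnapshot`, `Compare-RuleSnapshot`, the baseline file path and the sample rules are assumptions made for illustration; `Get-NetFirewallRule` is the built-in NetSecurity cmdlet.

```powershell
# Added example, not from the thread. Function names and sample data are constructed.
function Get-RuleSnapshot {
    # Live snapshot from the built-in NetSecurity module (Windows only).
    Get-NetFirewallRule | ForEach-Object {
        [pscustomobject]@{ Name = $_.Name; DisplayName = $_.DisplayName; Enabled = "$($_.Enabled)" }
    }
}

function Compare-RuleSnapshot {
    param([object[]]$Baseline, [object[]]$Current)
    # Index both snapshots by Name, the rule's unique ID.
    $old = @{}; foreach ($r in $Baseline) { $old[$r.Name] = $r }
    $new = @{}; foreach ($r in $Current)  { $new[$r.Name] = $r }
    foreach ($r in $Current) {
        if (-not $old.ContainsKey($r.Name)) {
            $change = 'Created'        # e.g. a store app update recreated its rule
        } elseif ($old[$r.Name].Enabled -eq 'False' -and $r.Enabled -eq 'True') {
            $change = 'ReEnabled'      # a rule you disabled was switched back on
        } else { continue }
        [pscustomobject]@{ Change = $change; Name = $r.Name; DisplayName = $r.DisplayName }
    }
    foreach ($r in $Baseline) {
        if (-not $new.ContainsKey($r.Name)) {
            [pscustomobject]@{ Change = 'Deleted'; Name = $r.Name; DisplayName = $r.DisplayName }
        }
    }
}

# Constructed sample snapshots (not real rule IDs) so the comparison runs offline.
$baseline = @(
    [pscustomobject]@{ Name = '{SAMPLE-1}'; DisplayName = 'Photos (sample)'; Enabled = 'False' }
    [pscustomobject]@{ Name = '{SAMPLE-2}'; DisplayName = 'Xbox (sample)';   Enabled = 'False' }
    [pscustomobject]@{ Name = '{SAMPLE-3}'; DisplayName = 'Reader (sample)'; Enabled = 'True' }
)
$current = @(
    [pscustomobject]@{ Name = '{SAMPLE-1}'; DisplayName = 'Photos (sample)'; Enabled = 'True' }
    [pscustomobject]@{ Name = '{SAMPLE-2}'; DisplayName = 'Xbox (sample)';   Enabled = 'False' }
    [pscustomobject]@{ Name = '{SAMPLE-4}'; DisplayName = 'Reader (sample)'; Enabled = 'True' }
)
Compare-RuleSnapshot -Baseline $baseline -Current $current | Format-Table -AutoSize

# Live use from an elevated prompt (the baseline path is an assumption):
#   Get-RuleSnapshot | Export-Clixml "$env:ProgramData\fw-baseline.xml"
#   Compare-RuleSnapshot (Import-Clixml "$env:ProgramData\fw-baseline.xml") (Get-RuleSnapshot)
```

A rule reported as `ReEnabled` can be switched off again with `Disable-NetFirewallRule -Name <Name>`.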