CCE-43785-5Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Allow real-time definition updates based on reports to Microsoft MAPS'
This policy setting allows you to enable real-time definition updates in response to reports sent to Microsoft MAPS. If the service reports a file as an unknown and Microsoft MAPS finds that the latest definition update has definitions for a threat involving that file, the service will receive all of the latest definitions for that threat immediately. You must have configured your computer to join Microsoft MAPS for this functionality to work.
If you enable or do not configure this setting, real-time definition updates will be enabled.
If you disable this setting, real-time definition updates will disabled.
Counter Measure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Real-time definition updates will be enabled.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderSignature UpdatesAllow real-time definition updates based on reports to Microsoft MAPS
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderSignature UpdatesRealtimeSignatureDelivery
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35311 |