CCE-96757-0| Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This policy setting allows you to configure heuristics. Suspicious detections will be suppressed right before reporting to the engine client. Turning off heuristics will reduce the capability to flag new threats. It is recommended that you do not turn off heuristics.
If you enable or do not configure this setting, heuristics will be enabled.
If you disable this setting, heuristics will be disabled.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Heuristics can impact performance.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Scan\Turn on heuristics
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Scan!DisableHeuristics
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.0 | Attack Vector: LOCAL |
| Exploit Score: 1.0 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79543 |
