There's been a lot of noise on Reddit about how "easy" it is to disable Windows Defender ATP. These discussions focus on the wrong issue entirely.

There’s been a lot of noise lately on Reddit and other platforms about how “easy” it is to disable Windows Defender ATP. MSPs are getting questions from clients about this concern. But these discussions are focusing on the wrong issue entirely. Yes, You Can Disable Defender ATP (But That’s Not the Real Problem) If you […] The post Admin Rights Are the Problem, Not Which Antivirus You Choose appeared first on Heimdal Security Blog.

  • Blue_Morpho@lemmy.worldEnglish
    52·
    5 months ago

    “I’m a high-value target as a founder, and if I don’t have elevated privileges, I can’t accidentally (or through social engineering) compromise the entire system.”

    That’s just security through obscurity. Someone has admin rights.

    • jetAEnglish
      2·
      5 months ago

      The admin account should not be the daily driver account

      Admin actions should be deliberate and exceptional, not one misclick away

      • Blue_Morpho@lemmy.worldEnglish
        3·
        5 months ago

        That’s not allowed by default on any mainstream Linux distro or Windows. You have to sudo or click that privilege escalation dialog box in Windows.

        • jetAEnglish
          1·
          5 months ago

          Yes, on windows you have to click ok to a popup. Which I can tell you from experience users do automatically