1.11.4 Ensure 'Prevent bypassing Microsoft Defender SmartScreen prompts for sites' is set to 'Enabled'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This policy setting controls whether users may bypass the SmartScreen warning if a site is deemed unsafe.

The recommended state for this setting is Enabled.

Rationale:

Windows Defender SmartScreen can provide messages and warnings to users to help thwart phishing and malicious software however, by default, users may bypass these warnings.

Impact:

SmartScreen will not allow a user to bypass the warning message.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled

Computer Configuration\Policies\Administrative Templates\Microsoft Edge\SmartScreen settings\Prevent bypassing Microsoft Defender SmartScreen prompts for sites

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.

Default Value:

Disabled.

See Also

https://workbench.cisecurity.org/files/3907