21.10 (L1) Ensure 'PUA Protection' is set to 'PUA Protection on'

Information

This policy setting controls detection and action for Potentially Unwanted Applications (PUA), which are sneaky unwanted application bundlers or their bundled applications, that can deliver adware or malware.

The recommended state for this setting is: PUA Protection on

For more information, see this link:

Block potentially unwanted applications with Microsoft Defender Antivirus | Microsoft Docs

Potentially unwanted applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify, and can waste IT resources in cleaning up the applications. They should be blocked from installation.

Solution

To establish the recommended configuration via GP, set the following UI path to PUA Protection on :

Defender\PUA Protection

Impact:

Applications that are identified by Microsoft as PUA will be blocked at download and install time.

See Also

https://workbench.cisecurity.org/benchmarks/16852

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, CSCv7|2.7, CSCv7|8.1

Plugin: Windows

Control ID: 55be6273ee961c6de7aac3a24023dc57a31c84ced2e0df206f8381e9b77f678d