How to deploy Potentially Unwanted Application protection with Microsoft Configuration Manager


SECPotentially Unwanted Application (PUA) is a threat classification based on reputation and research-driven identification. Most commonly, these PUAs are unwanted applications that come bundled with some other application installer. With Microsoft System Center 2012 Endpoint Protection and Configuration Manager, you can protect your users from PUAs by simply deploying an antimalware policy in your Configuration Manager environment. The protection policy setting is disabled by default, however once enabled, this feature will block PUAs at download and install time. You can also exclude specific files or folders to meet the specific needs of your environment.

For details on how to enable PUA protection, see the following documentation in our TechNet Library:

How to Deploy Potentially Unwanted Application Protection Policy for Endpoint Protection in Configuration Manager

J.C. Hornbeck | Solution Asset PM | Microsoft GBS Management and Security Division

Get the latest System Center news on Facebook and Twitter:

clip_image001 clip_image002

System Center All Up: http://blogs.technet.com/b/systemcenter/

Configuration Manager Support Team blog: http://blogs.technet.com/configurationmgr/ 
Data Protection Manager Team blog: http://blogs.technet.com/dpm/ 
Orchestrator Support Team blog: http://blogs.technet.com/b/orchestrator/ 
Operations Manager Team blog: http://blogs.technet.com/momteam/ 
Service Manager Team blog: http://blogs.technet.com/b/servicemanager 
Virtual Machine Manager Team blog: http://blogs.technet.com/scvmm

Microsoft Intune: http://blogs.technet.com/b/microsoftintune/
WSUS Support Team blog: http://blogs.technet.com/sus/
The RMS blog: http://blogs.technet.com/b/rms/
App-V Team blog: http://blogs.technet.com/appv/
MED-V Team blog: http://blogs.technet.com/medv/
Server App-V Team blog: http://blogs.technet.com/b/serverappv
The Surface Team blog: http://blogs.technet.com/b/surface/
The Application Proxy blog: http://blogs.technet.com/b/applicationproxyblog/

The Forefront Endpoint Protection blog : http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog : http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog: http://blogs.technet.com/b/isablog/
The Forefront UAG blog: http://blogs.technet.com/b/edgeaccessblog/

ConfigMgr 2012 R2 SCEP 2012 R2


Comments (4)
  1. Following the documentation to use a ConfigMgr compliance setting to set the MpEnablePus registry property results in a REG_QWORD type being created on 64-bit systems instead of a REG_DWORD. Is this correct? All of the other properties under the Microsoft
    Antimalware branch and subkeys are REG_DWORD type. Will the REG_QWORD value be recognized properly?

  2. Thorsten5 says:

    The auto-translated technet sites do not contain the new PUA section. Follow this link to read the original site:
    https://technet.microsoft.com/en-us/library/hh508770.aspx#BKMK_PUA

  3. Neil says:

    I don't have that key under Policies and is it really MpEnablePus or MpEnablePlus?

    1. Dan says:

      It must be a typo on the website. It should probably say MpEnablePua?

Comments are closed.

Skip to main content