[SOLVED] Firewall Rendered Useless: Applications Adding Rules Without Prompting!

CIS 5.4
Win7 x64

[UPDATE] – this may be my fault - i just noticed firewall was set to “safe mode”. i may have done that accidentally

first thing i do when installing CIS is delete almost all predefined policies/rules, including rules/policies affecting windows update, CIS, etc., etc.

i just noticed that running windows update causes rules to be created WITHOUT ASKING for svchost.exe allowing all traffic on 80 and 443

this started very recently, possibly as a result of the last CIS update, or possibly on its own

VirtualBox is another one - it added several rules

cfpupdat.exe is another - adds itself without prompting

Is CIS actually adding new rules, or are these processes simply allowed to connect without asking?

Can you provide the following information:

  1. Which configuration (CIS/More/Manage My Configurations, the one that’s active)
  2. Firewall behaviour Settings
  3. screen-shot of your current firewall Application rules.

hi Radaghast – see first post