🛡️ Security
In this guide, you'll learn whether to enable or disable Windows Defender, the Firewall, and the CPU mitigations, as well as how each of them works.
✨ Custom Features
During the playbook installation, you can't miss the AME Wizard option in Custom Features:
🔒 Insights into Windows Defender
What is Windows Defender?
Windows Defender is a built-in security feature in Windows designed to block malware, but it does have its vulnerabilities.
In the recent 23H2 and 24H2 updates, Windows Defender has been hardened significantly, making it much harder to disable "completely", including its associated processes.
To get around this, RapidOS disables Windows Defender using cabinet files (.cab), through a method derived from AtlasOS - sxsc.
For more information, visit our repository: Defender Switcher.
Disable or Keep Windows Defender?
The choice is yours. If you're happy with your current antivirus, you can stick with it. However, Windows Defender has a few weaknesses:
- A virus can add itself to the exclusions list, allowing it to run as if nothing happened.
- It can block a file without giving you the choice to remove or keep it.
- It can be easily disabled via the registry.
- Even after disabling it in the registry, Defender's processes can still run, and there's a chance it might turn itself back on.
- You can fully disable it by installing another antivirus. Windows has a Windows Security Center (WSC) service that tells the system another antivirus is active, which causes Defender to turn itself off.
That said, Defender is still better than having no antivirus at all. If you just need basic protection, it'll do the job.
But personally, I'd recommend something like Bitdefender or AVG for more robust protection. Once you install another antivirus, you don't need to worry about turning off Defender - it will disable itself automatically.
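As an added check (not part of the RapidOS playbook or Defender Switcher), the PowerShell below shows what Windows Security Center believes is protecting the machine, whether Defender has actually gone passive after a third-party install, and which exclusions deserve a second look. The user-writable folder patterns it flags are my own choice, and the productState decoding is the commonly used convention rather than documented behaviour.

```powershell
# Added example, not RapidOS code. Assumes Windows 10/11 client; run as Administrator.

# 1. Every antivirus registered with Windows Security Center (WSC).
#    productState is a bitfield; this decoding is the widely used, undocumented
#    convention: hex digits 3-4 are 10/11 when the product is on, 00/01 when off.
Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct |
    ForEach-Object {
        $hex = '{0:X6}' -f $_.productState
        [pscustomobject]@{
            Product  = $_.displayName
            Enabled  = ($hex.Substring(2, 2) -in '10', '11')
            UpToDate = ($hex.Substring(4, 2) -eq '00')
        }
    } | Format-Table -AutoSize

# 2. Defender's own view. AMRunningMode reads 'Passive Mode' once WSC has handed
#    protection to a third-party AV, which is the hand-off described above.
$mp = Get-MpComputerStatus
"Defender AV enabled   : $($mp.AntivirusEnabled)"
"Real-time protection  : $($mp.RealTimeProtectionEnabled)"
"Running mode          : $($mp.AMRunningMode)"

# 3. Exclusions. Anything dropped into an excluded user-writable folder runs
#    unscanned, so every entry here should be one you added on purpose.
$pref = Get-MpPreference
$userWritable = '\\Temp\\', '\\AppData\\', '\\Downloads\\', '\\Users\\Public\\', '^[A-Za-z]:\\?$'
foreach ($p in $pref.ExclusionPath) {
    $flag = if ($userWritable | Where-Object { $p -match $_ }) { 'REVIEW' } else { 'ok' }
    "Path exclusion [{0}] {1}" -f $flag, $p
}
foreach ($e in $pref.ExclusionExtension) { "Ext  exclusion [REVIEW] .$e" }
foreach ($p in $pref.ExclusionProcess)   { "Proc exclusion [REVIEW] $p" }
```

A whole-drive or Temp/AppData exclusion is exactly what the first weakness in the list above relies on, so anything marked REVIEW that you don't recognise should be removed with Remove-MpPreference.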
🌐 About Firewall
What is a Firewall?
A firewall is a security feature that blocks threats like hackers and malware by controlling what data comes in and out of your system.
✅ Why It's Good:
- Stops unwanted access to your device.
- Monitors traffic to catch threats early.
- Protects your personal data.
❌ Why It Sucks Sometimes:
- Constant pop-ups, especially when launching new games or apps, get annoying.
- It can slow down your connection, which sucks for gamers.
- Wrong settings can block stuff you need, like game servers or apps.
🤔 Who Needs It?
- Everyone should have it on, for basic security.
- Businesses need it for protecting sensitive data.
- Gamers and power users might find it more annoying than useful.
Should You Disable It?
Honestly, it's best to leave the firewall on for security, but I get it - the pop-ups when launching new games or apps can be irritating. Instead of turning it off, tweak the settings to let trusted apps through, so you don't keep getting interrupted while gaming. That way, you keep the protection without the hassle.
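Here is the "tweak it instead of turning it off" approach as an added PowerShell example (not part of the RapidOS playbook): allow one trusted program through on the Private profile only, turn on logging of dropped packets so a blocked game server can be traced to a rule, and confirm the firewall is still on. The program path and rule name are placeholders.

```powershell
# Added example, not RapidOS code. Run as Administrator on Windows 10/11.

$appPath  = 'C:\Games\ExampleGame\ExampleGame.exe'   # placeholder: point at the program that prompts
$ruleName = 'Allow ExampleGame (inbound)'            # placeholder rule name

# Scope the rule to the Private profile: your home LAN gets it, a public hotspot does not.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Action Allow `
        -Program $appPath -Profile Private -Enabled True | Out-Null
}

# Log dropped packets. When something "doesn't connect", the log shows which
# port and address were blocked, so you fix the rule instead of disabling the firewall.
Set-NetFirewallProfile -Profile Domain, Private, Public -LogBlocked True `
    -LogFileName '%systemroot%\system32\LogFiles\Firewall\pfirewall.log'

# Verify nothing turned a profile off along the way.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, LogBlocked |
    Format-Table -AutoSize
```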
📋 Information on Spectre and Meltdown Mitigations
What are Spectre and Meltdown?
Spectre and Meltdown are major security flaws in modern processors. They allow malicious programs to read private data by exploiting how CPUs guess which instructions to run next, a technique called speculative execution.
Why Disable Mitigations?
Disabling these security measures can improve CPU performance, particularly on older systems where the patches have a noticeable impact. However, this significantly increases security risk, exposing your system to potential breaches. 🔐
Intel CPUs:
Our script lets you turn off these security measures for better performance:
- Changes FeatureSettingsOverride and FeatureSettingsOverrideMask to 3, which can speed up your system but reduces security.
- Turns off SEHOP (a security feature) and tweaks the CFG and DEP settings to enhance performance.
- Games with CFG enabled: Valorant, Apex Legends, Final Fantasy XV, The Witcher 3, Far Cry 5, plus games/clients that likely won't work even with CFG enabled - Faceit, Fortnite.
These games either need CFG to run properly or have performance issues without it. Even with mitigations off, CFG is kept on for these games so they keep running as they would with mitigations enabled. 🎮
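To see what state the script has left your machine in, here is an added read-only audit in PowerShell (not the RapidOS script itself). It reads the two registry values named above, the system-wide DEP/SEHOP/CFG state, and the per-executable CFG entries for the listed games; the executable names are assumptions you should check against your own install.

```powershell
# Added example, not RapidOS code. Assumes Windows 10/11 with the built-in
# ProcessMitigations module; run as Administrator. Nothing here changes settings.

$mmKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$mm = Get-ItemProperty -Path $mmKey -ErrorAction SilentlyContinue

# Absent values mean Windows defaults (mitigations on). Override=3 / Mask=3 is the
# combination the script writes to turn the speculative-execution mitigations off.
$override = $mm.FeatureSettingsOverride
$mask     = $mm.FeatureSettingsOverrideMask
if ($null -eq $override -and $null -eq $mask) {
    'Spectre/Meltdown mitigations : Windows defaults (enabled)'
} elseif ($override -eq 3 -and $mask -eq 3) {
    'Spectre/Meltdown mitigations : DISABLED (Override=3, Mask=3)'
} else {
    "Spectre/Meltdown mitigations : custom (Override=$override, Mask=$mask)"
}

# System-wide exploit mitigations the script also touches (ON / OFF / NOTSET).
$sys = Get-ProcessMitigation -System
"System DEP   : $($sys.Dep.Enable)"
"System SEHOP : $($sys.Sehop.Enable)"
"System CFG   : $($sys.Cfg.Enable)"

# Per-executable CFG for the games the page keeps CFG on. NOTSET means the
# process inherits the system setting. Executable names are assumptions.
$cfgGames = 'VALORANT-Win64-Shipping.exe', 'r5apex.exe', 'ffxv_s.exe',
            'witcher3.exe', 'FarCry5.exe'
foreach ($exe in $cfgGames) {
    $m = Get-ProcessMitigation -Name $exe -ErrorAction SilentlyContinue
    $state = if ($m) { $m.Cfg.Enable } else { 'no entry' }
    '{0,-30} CFG: {1}' -f $exe, $state
}
```

The registry values only say what was requested; Microsoft's SpeculationControl module (Install-Module SpeculationControl, then Get-SpeculationControlSettings) reports the effective hardware and OS state, which is the number that actually matters.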
AMD CPUs:
Our script doesn't include ways to disable these mitigations for AMD:
- Why? Because AMD manages these vulnerabilities differently, often through BIOS or system updates rather than registry settings.
- Disabling could be less beneficial for performance and riskier due to the lack of clear guidelines. AMD advises against it for security reasons. ⚠️
Performance vs. Security:
- You get a performance boost by disabling mitigations, but your system might be easier to hack. It's like choosing speed over wearing a seatbelt.
- If you're dealing with sensitive data, think twice about this trade-off.
Reason for this choice:
This was created for users who want to tweak their system for performance while understanding the security risks. It's not for everyone - only for those who know what they're doing and have other security measures in place.