none
Firewall warnings with Windows 10 Pro 1709 Windows Creators Update, build 16299.19 RRS feed

  • Question

  • I recently installed the 1709 fall Windows Creators update on a Windows 10 Pro machine (Hyper-V guest, domain member) and have had problems with firewall warnings since.

    Settings-->System-->About shows a red X next to Firewall & Network Protection. Clicking on the "See details in Windows Defender" link, Windows Defender Security indicates the firewalls are off so I clicked the "Turn on" button and get a green check box in Windows Defender. However, the red X is still shown after returning to the About screen and repeating the same steps show that Windows Defender thinks the firewall is off again.

    The firewall is actually on according the Control Panel-->System and Security-->Windows Defender Firewall. Changes I make there are effective but are reset when I click the "Turn on" button in Windows Defender Security Center.


    Dan Guzman, Data Platform MVP, http://www.dbdelta.com

    Saturday, 21 October 2017 6:46 PM

All replies

  • Make sure report this issue through Feedback Hub app.

    Sunday, 22 October 2017 5:18 PM
  • Done. Thanks.

    Dan Guzman, Data Platform MVP, http://www.dbdelta.com

    Sunday, 22 October 2017 5:47 PM
  • Hi,

    We have the same issue with you on our VDI machine. We will feedback the issue on our side too.

    Bests,


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, 23 October 2017 10:04 AM
    Moderator
  • Hi 

    We are experiencing this exact same problem and its more than a cosmetic issue if you are connected to the machine with remote desktop clicking the "Turn on"  button will cut off the RDP session by disallowing the Remote Desktop app through the firewall. 

    Wednesday, 1 November 2017 11:41 AM
  • We are experiencing this exact same problem and its more than a cosmetic issue if you are connected to the machine with remote desktop clicking the "Turn on"  button will cut off the RDP session by disallowing the Remote Desktop app through the firewall. 


    It seems "turn on" reverts the already active firewall to default settings. Bottom line is don't do that and ignore the erroneous warning if the firewall is already on and configured under Control Panel-->System and Security-->Windows Defender Firewall.

    Dan Guzman, Data Platform MVP, http://www.dbdelta.com

    Wednesday, 1 November 2017 12:07 PM
  • Hi Dan

    I think I've found what triggers the issue, we have a group policy that allows WMI through the firewall for our System Center Configuration Manager clients. When I disable the WMI GPO link the Windows Defender Security Center of the 1709 machines do not complain anymore.  It may be that the group policy central store ADMX files need updating to 1709 we are currently on 1607 or there is a bug but that's for another day.

    Cheers

    Wednesday, 1 November 2017 1:03 PM
  • Hi Boris,

    I have the same problem as you explain. But, in my side, I've already updated the ADMX files to 1709 and I still get the red cross. But in the details, it looks OK:

    Cheers

    Friday, 3 November 2017 8:19 AM
  • We are experiencing this exact same problem and its more than a cosmetic issue if you are connected to the machine with remote desktop clicking the "Turn on"  button will cut off the RDP session by disallowing the Remote Desktop app through the firewall. 


    It seems "turn on" reverts the already active firewall to default settings. Bottom line is don't do that and ignore the erroneous warning if the firewall is already on and configured under Control Panel-->System and Security-->Windows Defender Firewall.

    Dan Guzman, Data Platform MVP, http://www.dbdelta.com


    We also have this issue.  Clicking on the option to "fix the firewall settings" reverts it to its default configuration, which in our case terminates RDP access to the device - an undesired side-effect also covered in this post:

    https://social.technet.microsoft.com/Forums/en-US/8b0debe5-ba1e-4e4e-a054-6e8dc0bc2aa3/remote-desktop-connection-fails-after-fall-creators-update-installed

    I'm going to assume as Dan Guzman says above that this is an erroneous "false flag" error, not a legitimate error message.  Fingers crossed!
    Monday, 20 November 2017 3:34 PM
  • I have same problem as well.  In addition to the firewall, and the RDP as someone else mentioned, it also seems to turn off network discovery (if you go to file explorer, you have to turn that back on as well after going to the "About" screen).

    A few other symptoms...

    I believe the computer has to be domain joined.  I have tried with a computer that was not domain joined and it worked fine, as soon as the CPU joined the domain the problem began.

    If I turn off my GPO on the server related to enforcing the firewall to be on, the problem also goes away.  FYI, my particular GPO is a Sever 2016 created GPO (from the Server Essentials interface).  I have also manually created my own GPO enforcing firewall with same effect.  But if the GPO is removed, the problem does stop.

    Even though RDP "appears" to be on from the workstation, after going to the About screen, you have to manually disable, and then re-enable RDP in order to make an RDP connection again to the workstation.

    I have another thread here with no resolution there either (I did open a MS ticket a couple weeks ago but they haven't been able to figure it out either):  https://social.technet.microsoft.com/Forums/windows/en-US/c1e25c94-119c-471e-a956-03f642b5fcf7/navigating-to-settings-system-about-turns-off-my-firewall?forum=win10itprosecurity




    • Edited by TimXyzzy Friday, 22 December 2017 3:19 PM
    Friday, 22 December 2017 3:17 PM
  • I also have encountered this problem.

    This seems to be a problem in Windows 10 1709. Easiest way to eliminate variables and reproduce problem is to install clean W10 1709 (I tested with W10 1709 x64 Enterprise english) and create local group policy with gpedit.msc and for example enforce Defender firewall On.
    Computer Configuration - Windows Settings - Security Settings - Windows Defender Firewall with Advanced Security.

    After reboot - the about dialog breaks the Defender Security Center. Reboot is necessary - although the GPO setting apply earlier - the About dialog reports errors only after reboot.

    I haven't found any resolution yet - only way is to hide Defender Security Center from end users. The firewall work correctly at all time. And as said earlier - the Turn On button defaults the firewall - that means breaks the firewall in corporate domain environment. At least until the domain GPOs are applied again.

    Friday, 5 January 2018 10:36 AM
  • So, my problem seems to have gone away?!  The only update I noticed on the workstations was January 3, 2018—KB4056892 (OS Build 16299.192).  Not sure if that would have solved it (or perhaps a related update on the server). I tried triggering the previous issue on 3 different computers on my network and it has gone away on them all.

    I don't believe I have made any material configuration changes to my network since then.

    Update:  I pulled out a laptop we haven't used for awhile (which didn't have KB4056892), verified the problem still existed, applied the update (along with a couple others that downloaded at the same time) and the problem when away with no other changes.  Leads me to believe Win10 workstation OS issue.

    Has anyone noticed the problem has gone away?


    • Edited by TimXyzzy Tuesday, 9 January 2018 8:08 PM
    • Proposed as answer by TimXyzzy Tuesday, 23 January 2018 10:23 PM
    Tuesday, 9 January 2018 7:26 PM
  • Problem seems to be solved here too. Could be one of the recent updates...
    Wednesday, 10 January 2018 7:47 AM
  • Worked for me too.

    Thanks for the post.

    Wednesday, 10 January 2018 3:51 PM