#10364
Michael Nady
2022-06-14 15:05:52 +02:00
committed by GitHub
parent 73f2459fc1
commit 19119c4179


@ -29,6 +29,7 @@ ms.technology: windows-sec
>[!NOTE] >[!NOTE]
>Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability). >Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
This topic describes the file formats and available default rules for the script rule collection. This topic describes the file formats and available default rules for the script rule collection.
AppLocker defines script rules to include only the following file formats: AppLocker defines script rules to include only the following file formats:
@ -46,6 +47,9 @@ The following table lists the default rules that are available for the script ru
| Allow all users to run scripts in the Windows folder| (Default Rule) All scripts located in the Windows folder| Everyone | Path: %windir%\*| | Allow all users to run scripts in the Windows folder| (Default Rule) All scripts located in the Windows folder| Everyone | Path: %windir%\*|
| Allow all users to run scripts in the Program Files folder| (Default Rule) All scripts located in the Program Files folder|Everyone | Path: %programfiles%\*| | Allow all users to run scripts in the Program Files folder| (Default Rule) All scripts located in the Program Files folder|Everyone | Path: %programfiles%\*|
>[!NOTE]
>Windows Defender Application Control cannot be used to block Powershell scripts. Applocker just forces Powershell scripts to be run in Constrained Language Mode. Also note that in cases where a PS1 script is "blocked", AppLocker generates an 8007 event - which literally states the script will be blocked. After which the script runs.
## Related topics ## Related topics
- [Understanding AppLocker default rules](understanding-applocker-default-rules.md) - [Understanding AppLocker default rules](understanding-applocker-default-rules.md)
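Review bot: The added note after the default-rules table names two different products without relating them: it opens with "Windows Defender Application Control cannot be used to block Powershell scripts" and continues with "Applocker just forces Powershell scripts to be run in Constrained Language Mode". On a page about AppLocker script rules, a reader cannot tell which product the limitation applies to, so name the product consistently or state how the two sentences connect. Spell the names "PowerShell" and "AppLocker" as the rest of the file does. "After which the script runs." is a fragment that buries the point that matters most to operators; fold it into the previous sentence, for example "AppLocker generates an 8007 event stating that the script will be blocked, but the script still runs." Because the note says an 8007 event for a PS1 script does not mean execution was prevented, say that explicitly so that readers do not treat 8007 as evidence of a block in their monitoring.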