From 48d7e752113825973a1f2559ea6c14009dd7e3d6 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Thu, 27 May 2021 16:55:49 -0700 Subject: [PATCH] Update windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md --- .../event-tag-explanations.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md index 76084853c5..2ae5aa34a4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md +++ b/windows/security/threat-protection/windows-defender-application-control/event-tag-explanations.md @@ -95,6 +95,7 @@ Represents why verification failed, or if it succeeded. ## Microsoft Root CAs trusted by Windows The rule means trust anything signed by a certificate that chains to this root CA. + | Root ID | Root Name | |---|----------| | 0| None | @@ -118,4 +119,4 @@ The rule means trust anything signed by a certificate that chains to this root C | 18 | Microsoft ECC Product Root CA 2018 | | 19 | Microsoft ECC Devices Root CA 2017 | -For well-known roots, the TBS hashes for the certificates are baked into the code for WDAC. For example, they don’t need to be listed as TBS hashes in the policy file. \ No newline at end of file +For well-known roots, the TBS hashes for the certificates are baked into the code for WDAC. For example, they don’t need to be listed as TBS hashes in the policy file.