deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-17 15:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #5112 from illfated/solve_block_rules_ambiguity

Browse Source 
WDAC/Recommended block rules: Add notes and link
This commit is contained in:
Daniel Simpson 2019-10-08 13:55:43 -07:00 committed by GitHub
commit 50ca69c5e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules.md
View File

@ -18,6 +18,7 @@ ms.author: dansimp
**Applies to** **Applies to**
- Windows 10 - Windows 10
- Windows Server 2016 - Windows Server 2016
- Windows Server 2019
Members of the security community<sup>\*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass Windows Defender Application Control. Members of the security community<sup>\*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass Windows Defender Application Control.
@ -69,8 +70,8 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
<br /> <br />
>[!Note] > [!Note]
>This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered. > This application list will be updated with the latest vendor information as application vulnerabilities are resolved and new issues are discovered.
Certain software applications may allow additional code to run by design. Certain software applications may allow additional code to run by design.
These types of applications should be blocked by your Windows Defender Application Control policy. These types of applications should be blocked by your Windows Defender Application Control policy.
@ -1513,3 +1514,10 @@ Pick the correct version of each .dll for the Windows release you plan to suppor
</SiPolicy> </SiPolicy>
``` ```
<br /> <br />
> [!Note]
> To create a policy that works on both Windows 10, version 1803 and version 1809, you can create two different policies, or merge them into one broader policy.
## More information
- [Merge Windows Defender Application Control policies](merge-windows-defender-application-control-policies.md)