deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Add warning about PSExec rule blocking SCCM compliance rules.

Browse Source
This commit is contained in:
Andrea Bichsel (Aquent LLC)
2018-04-06 08:46:27 -07:00
parent 076a04cfae
commit 569981914b
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
View File

@ -173,6 +173,9 @@ Local Security Authority Subsystem Service (LSASS) authenticates users who log i
### Rule: Block process creations originating from PSExec and WMI commands
This rule blocks processes through PsExec and WMI commands from running, to prevent remote code execution that can spread malware attacks.
>[!WARNING]
>[Only use this rule if you are managing your devices with Intune or other MDM solution. If you use this rule with SCCM, it will prevent SCCM compliance rules from working, because this rule blocks the PSExec commands in SCCM.]
### Rule: Block untrusted and unsigned processes that run from USB