deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-23 02:37:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Added note as suggested that policy can't be changed issue #1880

Browse Source
This commit is contained in:
Jose Ortega 2019-04-03 04:27:19 -06:00
parent 2e66275305
commit 6c520d261f
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction.md
View File

@ -34,7 +34,8 @@ You can exclude files and folders from being evaluated by most attack surface re
>- Block process creations originating from PSExec and WMI commands
>- Block JavaScript or VBScript from launching downloaded executable content
You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules the exclusions apply to.
>[!IMPORTANT] The rule **Block executable files from running unless they meet a prevalence, age, or trusted list criterion** is owned by microsoft and is not specified by admins. It uses Microsoft CLoud's Protection to update its trusted list regularly.
>You can specify individual files or folders (using folder paths or fully qualified resource names) but you can't specify which rules or exclusions apply to.
ASR rules support environment variables and wildcards. For information about using wildcards, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists).