deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Fix WDAC fully-managed formatting

Browse Source
This commit is contained in:
isbrahm 2019-11-20 16:13:42 -08:00 committed by GitHub
parent c0e3b35907
commit 6dbc32d18f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/create-wdac-policy-for-fully-managed-devices.md
View File

@ -157,7 +157,7 @@ Alice has defined a policy for Lamna's fully-managed devices that makes some tra
- **Supplemental policies**<br> - **Supplemental policies**<br>
Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction. Supplemental policies are designed to relax the associated base policy. Additionally allowing unsigned policies allows any administrator process to expand the "circle-of-trust" defined by the base policy without restriction.
Possible mitgations: Possible mitigations:
- Use signed WDAC policies which allow authorized signed supplemental policies only. - Use signed WDAC policies which allow authorized signed supplemental policies only.
- Use a restrictive audit mode policy to audit app usage and augment vulnerability detection. - Use a restrictive audit mode policy to audit app usage and augment vulnerability detection.