deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Add a note about new asr

Browse Source
This commit is contained in:
Andrea Bichsel (Aquent LLC) 2018-04-30 08:08:14 -07:00
parent 82db0e3848
commit 7129ef7e3d
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
View File

@ -65,6 +65,14 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua
## Attack surface reduction rules ## Attack surface reduction rules
Windows 10, version 1803 has five new Attack surface reduction rules:
- Block executable files from running unless they meet a prevalence, age, or trusted list criteria
- Use advanced protection against ransomware
- Block credential stealing from the Windows local security authority subsystem (lsass.exe)
- Block process creations originating from PSExec and WMI commands
- Block untrusted and unsigned processes that run from USB
The following sections describe what each rule does. Each rule is identified by a rule GUID, as in the following table: The following sections describe what each rule does. Each rule is identified by a rule GUID, as in the following table:
Rule name | GUID Rule name | GUID