Merge pull request #8641 from vinaypamnani-msft/vp-sec-mrbr

Changed Microsoft Recommended Block list article
2025-05-28 13:17:23 +00:00 · 2023-08-02 10:24:23 -07:00 · 2023-08-02 10:24:23 -07:00 · 798d0b50d8
commit 798d0b50d8
parent ac78468aaf 0467a20de9
5 changed files with 14 additions and 9 deletions
--- a/.openpublishing.redirection.windows-security.json
+++ b/.openpublishing.redirection.windows-security.json
@ -80,6 +80,11 @@
      "redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines",
      "redirect_document_id": false
    },
+    {
+      "source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md",
+      "redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac",
+      "redirect_document_id": false
+    },
    {
      "source_path": "windows/security/apps.md",
      "redirect_url": "/windows/security/application-security",
--- a/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
+++ b/windows/security/application-security/application-control/windows-defender-application-control/TOC.yml
@ -55,8 +55,8 @@
              href: design/create-wdac-policy-using-reference-computer.md
            - name: Create a WDAC deny list policy
              href: design/create-wdac-deny-policy.md
-            - name: Microsoft recommended block rules
-              href: design/microsoft-recommended-block-rules.md
+            - name: Applications that can bypass WDAC and how to block them
+              href: design/applications-that-can-bypass-wdac.md
            - name: Microsoft recommended driver block rules
              href: design/microsoft-recommended-driver-block-rules.md
        - name: Use the WDAC Wizard tool
--- a/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac.md
@ -1,15 +1,15 @@
 ---
-title: Microsoft recommended block rules
+title: Applications that can bypass WDAC and how to block them
 description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community.
 ms.localizationpriority: medium
 ms.date: 06/14/2023
 ms.topic: reference
 ---

-# Microsoft recommended block rules
+# Applications that can bypass WDAC and how to block them

->[!NOTE]
->Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
+> [!NOTE]
+> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).

 Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass WDAC.

--- a/windows/security/application-security/application-control/windows-defender-application-control/index.yml
+++ b/windows/security/application-security/application-control/windows-defender-application-control/index.yml
@ -33,8 +33,8 @@ landingContent:
        links:
          - text: Using code signing to simplify application control
            url: deployment/use-code-signing-for-better-control-and-protection.md
-          - text: Microsoft's Recommended Blocklist
-            url: design/microsoft-recommended-block-rules.md
+          - text: Applications that can bypass WDAC and how to block them
+            url: design/applications-that-can-bypass-wdac.md
          - text: Microsoft's Recommended Driver Blocklist
            url: design/microsoft-recommended-driver-block-rules.md
          - text: Example WDAC policies
--- a/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/wdac.md
@ -47,7 +47,7 @@ Smart App Control is only available on clean installation of Windows 11 version

 ### Smart App Control Enforced Blocks

-Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/microsoft-recommended-block-rules.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:
+Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-wdac.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:

 - Infdefaultinstall.exe
 - Microsoft.Build.dll