mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-29 21:57:23 +00:00
Merge pull request #8641 from vinaypamnani-msft/vp-sec-mrbr
Changed Microsoft Recommended Block list article
This commit is contained in:
Rebecca Agiewich
GitHub
commit
798d0b50d8
@ -80,6 +80,11 @@
|
|||||||
"redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines",
|
"redirect_url": "/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines",
|
||||||
"redirect_document_id": false
|
"redirect_document_id": false
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"source_path": "windows/security/application-security/application-control/windows-defender-application-control/design/microsoft-recommended-block-rules.md",
|
||||||
|
"redirect_url": "/windows/security/application-security/application-control/windows-defender-application-control/design/applications-that-can-bypass-wdac",
|
||||||
|
"redirect_document_id": false
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"source_path": "windows/security/apps.md",
|
"source_path": "windows/security/apps.md",
|
||||||
"redirect_url": "/windows/security/application-security",
|
"redirect_url": "/windows/security/application-security",
|
||||||
|
|||||||
@ -55,8 +55,8 @@
|
|||||||
href: design/create-wdac-policy-using-reference-computer.md
|
href: design/create-wdac-policy-using-reference-computer.md
|
||||||
- name: Create a WDAC deny list policy
|
- name: Create a WDAC deny list policy
|
||||||
href: design/create-wdac-deny-policy.md
|
href: design/create-wdac-deny-policy.md
|
||||||
- name: Microsoft recommended block rules
|
- name: Applications that can bypass WDAC and how to block them
|
||||||
href: design/microsoft-recommended-block-rules.md
|
href: design/applications-that-can-bypass-wdac.md
|
||||||
- name: Microsoft recommended driver block rules
|
- name: Microsoft recommended driver block rules
|
||||||
href: design/microsoft-recommended-driver-block-rules.md
|
href: design/microsoft-recommended-driver-block-rules.md
|
||||||
- name: Use the WDAC Wizard tool
|
- name: Use the WDAC Wizard tool
|
||||||
|
|||||||
@ -1,15 +1,15 @@
|
|||||||
---
|
---
|
||||||
title: Microsoft recommended block rules
|
title: Applications that can bypass WDAC and how to block them
|
||||||
description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community.
|
description: View a list of recommended block rules, based on knowledge shared between Microsoft and the wider security community.
|
||||||
ms.localizationpriority: medium
|
ms.localizationpriority: medium
|
||||||
ms.date: 06/14/2023
|
ms.date: 06/14/2023
|
||||||
ms.topic: reference
|
ms.topic: reference
|
||||||
---
|
---
|
||||||
|
|
||||||
# Microsoft recommended block rules
|
# Applications that can bypass WDAC and how to block them
|
||||||
|
|
||||||
>[!NOTE]
|
> [!NOTE]
|
||||||
>Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
|
> Some capabilities of Windows Defender Application Control (WDAC) are only available on specific Windows versions. Learn more about the [WDAC feature availability](../feature-availability.md).
|
||||||
|
|
||||||
Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass WDAC.
|
Members of the security community<sup>*</sup> continuously collaborate with Microsoft to help protect customers. With the help of their valuable reports, Microsoft has identified a list of valid applications that an attacker could also potentially use to bypass WDAC.
|
||||||
|
|
||||||
@ -33,8 +33,8 @@ landingContent:
|
|||||||
links:
|
links:
|
||||||
- text: Using code signing to simplify application control
|
- text: Using code signing to simplify application control
|
||||||
url: deployment/use-code-signing-for-better-control-and-protection.md
|
url: deployment/use-code-signing-for-better-control-and-protection.md
|
||||||
- text: Microsoft's Recommended Blocklist
|
- text: Applications that can bypass WDAC and how to block them
|
||||||
url: design/microsoft-recommended-block-rules.md
|
url: design/applications-that-can-bypass-wdac.md
|
||||||
- text: Microsoft's Recommended Driver Blocklist
|
- text: Microsoft's Recommended Driver Blocklist
|
||||||
url: design/microsoft-recommended-driver-block-rules.md
|
url: design/microsoft-recommended-driver-block-rules.md
|
||||||
- text: Example WDAC policies
|
- text: Example WDAC policies
|
||||||
|
|||||||
@ -47,7 +47,7 @@ Smart App Control is only available on clean installation of Windows 11 version
|
|||||||
|
|
||||||
### Smart App Control Enforced Blocks
|
### Smart App Control Enforced Blocks
|
||||||
|
|
||||||
Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/microsoft-recommended-block-rules.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:
|
Smart App Control enforces the [Microsoft Recommended Driver Block rules](design/microsoft-recommended-driver-block-rules.md) and the [Microsoft Recommended Block Rules](design/applications-that-can-bypass-wdac.md), with a few exceptions for compatibility considerations. The following are not blocked by Smart App Control:
|
||||||
|
|
||||||
- Infdefaultinstall.exe
|
- Infdefaultinstall.exe
|
||||||
- Microsoft.Build.dll
|
- Microsoft.Build.dll
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user