deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-20 17:27:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Added precompiling info to windows defender app control and .net doc.

Browse Source
This commit is contained in:
Kim Klein 2021-09-13 14:53:30 -07:00
parent 1c7a40d636
commit 8d279c3aa9
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md
View File

@ -31,6 +31,8 @@ Dynamic Code Security is not enabled by default because existing policies may no
Additionally, a few .NET loading features, including loading unsigned assemblies built with System.Reflection.Emit, are not currently supported with Dynamic Code Security enabled. Additionally, a few .NET loading features, including loading unsigned assemblies built with System.Reflection.Emit, are not currently supported with Dynamic Code Security enabled.
Microsoft recommends testing Dynamic Code Security in audit mode before enforcing it to discover whether any new libraries should be included in the policy. Microsoft recommends testing Dynamic Code Security in audit mode before enforcing it to discover whether any new libraries should be included in the policy.
Additionally, customers can precompile for deployment only to prevent an allowed executable from being terminated because it tries to load unsigned dynamically generated code. See the "Precompiling for Deployment Only" section in the [ASP.NET Precompilation Overview](https://docs.microsoft.com/en-us/previous-versions/aspnet/bb398860(v=vs.100)) document for how to fix that.
To enable Dynamic Code Security, add the following option to the `<Rules>` section of your policy: To enable Dynamic Code Security, add the following option to the `<Rules>` section of your policy:
```xml ```xml