deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-15 14:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update microsoft-recommended-driver-block-rules.md

Browse Source
This commit is contained in:
jsuther1974 2022-10-17 12:14:38 -07:00
parent 46f70e3365
commit 8dabb74bce
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
View File

@ -2183,6 +2183,9 @@ Microsoft recommends enabling [HVCI](/windows/security/threat-protection/device-
> [!NOTE]
> The policy listed above contains **Allow All** rules. If your version of Windows supports WDAC multiple policies, we recommend deploying this policy alongside any existing WDAC policies. If you do plan to merge this policy with another policy, you may need to remove the **Allow All** rules before merging it if the other policy applies an explicit allow list. For more information, see [Create a WDAC Deny Policy](/windows/security/threat-protection/windows-defender-application-control/create-wdac-deny-policy#single-policy-considerations).
> [!NOTE]
> To use the policy above with Windows Server 2016, you must convert the policy XML on a device running a newer operating system.
## Steps to download and apply the vulnerable driver blocklist binary
If you prefer to apply the vulnerable driver blocklist exactly as shown above, follow these steps: