2eae16f36f
remove certain values from ms.collection
2022-12-08 16:56:46 -05:00
17f20df36c
Update microsoft-recommended-block-rules.md
2022-11-04 15:39:46 -07:00
fcb764edb4
Various doc fixes
2022-11-04 15:34:25 -07:00
607ad27326
Adding Will Dormann to acknowledgments section
2022-10-25 13:21:15 -07:00
c5e4881a7d
Updated SAC-recommended section per feedback
2022-09-23 12:54:41 -04:00
bef7c27e8d
Updated ms.reviewer
2022-09-20 18:16:02 -04:00
25c79227be
Updated the user mode rules and added point about SAC
2022-09-20 18:15:32 -04:00
f775da3963
bring even with master (resolve conflict)
2022-09-15 08:56:45 -07:00
5e70d28bd2
editorial revision
2022-09-14 08:24:22 -07:00
4c0868fbb4
Update microsoft-recommended-block-rules.md
...
BGInfo has moved on from version 4.22 and references to it as being "the latest version" was misleading.
2022-09-14 16:08:12 +02:00
0d74eefba5
toc improvements and collapse xml
2022-08-11 16:13:54 -04:00
d943c3e362
Merge branch 'main' into v-smandalika-5694287-B22
2022-07-18 17:25:10 +05:30
ce56a2f150
Acrolinx Enhancement effort
2022-07-04 17:49:31 +05:30
14d52784f8
Fix indentation in XML code block
2022-06-08 17:05:19 +02:00
27e4899eda
Update microsoft-recommended-block-rules.md
2022-05-11 16:45:53 -07:00
928e3ca32e
PR 6555 updates
...
Removed Enforce Store Applications rule-option, removed _0 from all IDs, replaced all instances of "ID_FILEATTRIB_F_2_1" with "ID_DENY_INSTALLUTIL"
2022-05-11 14:13:05 -07:00
1a9fa30605
39487194 - Updated Block Rules XML code block
2022-05-10 12:58:57 -07:00
e5c29b549b
Merge branch 'main' into v-alemieux-working
2022-05-04 12:47:21 -06:00
2ea8798db3
Merge pull request #9987 from bohops/public
...
Update Block Rule Credits - Add James Forshaw
2022-05-03 20:03:13 -07:00
b2f724cfbf
Updated XML code block to include rule option 19
2022-05-03 16:19:22 -07:00
d5bcee1290
Added deny rule for IntuneWindowsAgent version 1.46.204.0 and below per vulnerability reported
2021-11-10 08:52:58 -08:00
c4e79e54fe
mega metadata update
2021-10-28 11:16:23 -07:00
d140fcbf6a
Defender App Guard Link text correction-01
...
Change to Learn more about the [Windows Defender Application Control feature availability](feature-availability.md)
2021-09-30 11:22:51 +05:30
f7e3dd91d7
Update microsoft-recommended-block-rules.md
2021-09-29 11:34:11 -07:00
5eb239ce48
Update Block Rule Credits - Add James Forshaw
...
James has discovered numerous WDAC bypasses and is credited with the addinprocess* findings.
2021-09-29 08:16:37 -04:00
a811de340b
Corrected the minversion's since cscript/wscript do not follow typical win10 bin versions
2021-09-21 14:29:35 -07:00
0478c9e056
Updated the recommended blocklist to block un-enlightened versions of cscript/wscript with versions less than 10.0.0.0
2021-09-14 16:16:32 -07:00
4467c6631d
Merge branch 'master' into aljupudi-w11defender-branch01
2021-08-24 08:39:09 +05:30
3bd09d2ae2
Update microsoft-recommended-block-rules.md
2021-08-23 10:21:15 -07:00
1cde0e2127
Update microsoft-recommended-block-rules.md
2021-08-23 10:18:11 -07:00
b7413430cf
Update microsoft-recommended-block-rules.md
2021-08-23 10:17:02 -07:00
6d34d59f54
Merge branch 'master' into pr/5531
2021-08-23 10:11:44 -07:00
ca964f9f6b
Update microsoft-recommended-block-rules.md
2021-08-23 10:08:27 -07:00
61149771d2
TASK 5358645: Windows 11 Inclusion Update -01
...
TASK 5358645: First batch of Windows 11 Inclusion updates under Windows-defender-application-control folder. (I've also made some changes to few words as per Acrolinx suggestions to meet the PR criteria).
2021-08-23 14:11:14 +05:30
721dacf612
Added latest security researcher to recommended block rules and sorted them.
2021-08-19 12:49:28 -07:00
c19a697db5
Added cscript and wscript to the Microsoft recommended blocklist
2021-08-05 14:42:03 -07:00
e967b61aa9
Links: Windows (2021-03)
2021-03-25 10:12:36 -07:00
c93d7f2b6c
massive prod & technology metadata update
2021-01-21 10:21:50 -08:00
0b0786fd86
Added contributor to the acknowledgements section
2020-10-20 14:32:35 -07:00
bdce156a22
Added mfc40.dll to recommended block list
2020-10-19 15:27:54 -07:00
3a3bdee19a
Restored original footnote numbering scheme
2020-08-27 17:05:41 -07:00
375209322e
Replaced CommonMark footnotes with <sup></sup>
...
It seems we're not using the CommonMark extension that create linked footnote numbers. I've retained the renumbering from my previous change.
2020-08-27 16:48:10 -07:00
f01afeb588
Removed repeated paragraph, applied footnote functionality
...
Changed "*" to 1 and incremented the other two footnotes.
2020-08-27 16:41:01 -07:00
853a693904
Add aspnet_compiler to recommended block rules
...
Also re-alphabetize. Some entries were out of order.
2020-08-27 14:24:14 -07:00
b192690b4b
updating blacklist/whitelist to allow/block
2020-06-15 08:51:22 -07:00
7328a258f7
Standardize 'applies to' section
2020-04-15 17:10:55 -07:00
d034371f9b
Minor edits for readability
2020-01-21 09:34:51 -08:00
c6d57cb3d1
Update recommended block list to explain not blocking 1903 files
...
msxml3.dll, msxml6.dll, and jscript9.dll do not have to be blocked if using 1903, as the previous issue was fixed in this release
2020-01-07 15:21:52 -08:00
143798dd80
reviewed items through #163
2019-12-26 15:31:03 -05:00
4da03265ac
WDAC correct ms.reviewer
...
Updating to MSFT alias instead of Git username
2019-10-25 11:01:50 -07:00
