windows-itpro-docs
windows-itpro-docs copied to clipboard
Recommended Block Rules Allow All?
By default the block rules allows all files. The specifics around deployment of this policy aren't specified in this page. For example, if you Merge-CIPolicy this policy into another policy--and don't really check what's going on, you'll actually "Allow All" files inadvertently. This caused me a little confusion as to why my WDAC log wasn't firing when I executed Putty.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 6e8740b8-c1f2-4b88-3d4d-66cdbf20215f
- Version Independent ID: 7986a684-b35d-06bd-be30-dfca9923cb9c
- Content: Microsoft recommended driver block rules (Windows) - Windows security
- Content Source: windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md
- Product: m365-security
- GitHub Login: @jgeurten
- Microsoft Alias: dansimp