Agreed. I was assuming that Microsoft's Intelligent Security Graph would be smart enough to allow Microsoft's EXE that are required to run windows to run by default.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Heaton, Joseph@Wildlife Sent: Thursday, February 1, 2018 11:21 AM To: mssms@lists.myitforum.com Subject: [mssms] RE: Defender Application Control Well, if it blocks notepad, it has no way to read the text file. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of John Aubrey Sent: Thursday, February 1, 2018 5:22 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] Defender Application Control Has anyone used Defender Application Control policy in SCCM yet? I have a basic policy with the "Authorize software that is trusted by the Intelligent Security Graph" option enabled. Once my test PC checks in, notepad doesn't work and if I reboot, the system is bricked and won't boot. Says it can't access a txt file that is used for event logs. I would have thought the Intelligent Security Graph option would at least let Windows boot....
