Agreed. I was assuming that Microsoft's Intelligent Security Graph would be smart enough to allow Microsoft's EXE that are required to run windows to run by default.
From: [email protected] [mailto:[email protected]] On Behalf Of Heaton, Joseph@Wildlife Sent: Thursday, February 1, 2018 11:21 AM To: [email protected] Subject: [mssms] RE: Defender Application Control Well, if it blocks notepad, it has no way to read the text file. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of John Aubrey Sent: Thursday, February 1, 2018 5:22 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] Defender Application Control Has anyone used Defender Application Control policy in SCCM yet? I have a basic policy with the "Authorize software that is trusted by the Intelligent Security Graph" option enabled. Once my test PC checks in, notepad doesn't work and if I reboot, the system is bricked and won't boot. Says it can't access a txt file that is used for event logs. I would have thought the Intelligent Security Graph option would at least let Windows boot....
