Microsoft Secure score not updating after implementation of Attack Surface Reduction

<p>Hello everyone,</p>

<p>I wanted to share that we have successfully implemented <strong>Attack Surface Reduction (ASR)</strong> rules across our endpoint devices as part of our ongoing security hardening efforts. These configurations are actively deployed and enforced through Intune ASR to help mitigate common attack vectors like Office macro abuse, executable content from email/web, and other high-risk behaviors.</p>

<p>However, we’ve noticed that despite this implementation, some ASR-related recommendations are still appearing in Microsoft Secure Score. This can occur due to delays in telemetry updates, device reporting issues, or Secure Score metrics not immediately reflecting policy enforcement across all endpoints.</p>

<p>We are currently reviewing the underlying data and device reporting to ensure full visibility and alignment with Secure Score.</p>