Forum Discussion
GPO PreventSmartScreenPromptOverrideForFiles
We have activated the following GPO => Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads, as it's written in the Security Baseline. Now we have a Problem that an Internal Web Application provide MSI download and the GPO is blocking the download.
Do we have an option to only unlock Internal URL/ Web Application? Because we won't such download unlock for all URL's.
- Kelly_YMicrosoft
re_bl Hi! I just took a look at our policy documentation. Have you tried to use the
SmartScreenAllowListDomains Policy? (https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#smartscreenallowlistdomains)
It mentions "Configure the list of Microsoft Defender SmartScreen trusted domains. This means: Microsoft Defender SmartScreen won't check for potentially malicious resources like phishing software and other malware if the source URLs match these domains. The Microsoft Defender SmartScreen download protection service won't check downloads hosted on these domains."
Thanks!
-Kelly