Forum Discussion
Removing attack surface reduction rules not possible
Hi We have implemented attack surface reduction rules in my company on all windows 10 pc's. We audited for a few months and created exclusions which worked well. Now we have a new program th...
Did you use ConfigMgr to configure the ASR the first time? Just checking, but can you confirm that you don’t have conflicting policies coming from elsewhere like GPO?
Hi, yes we did use SCCM to implement it, and we do not have any GPO's with ASR set anywhere. These rules were not configured at all before implementing through SCCM
Thanks for the confirmation. Some ASR policies may require a reboot for changes to reflect. Have the devices been rebooted at least once? Maybe run a RSOP on a device in question just to be sure there are no other conflicts. If you have Security baselines containing Defender settings coming from GPO, then that could be taking precedence as well.