Forum Discussion
Exploit Prevention Blocking EXE files
My environment is having an issue where exe files are being blocked when executed via a remote share. It appears Exploit Prevention is blocking but it does not happen for every user.
I have placed an exclusion using Set-ProcessMitigation -Name filename.exe -Disable BlockRemoteImageLoads and the issues still persist.
We do not use Defender for Endpoint as a solution and are not managing Exploit Guard policy via GPO, SCCM, or InTune.
Also I have verified the process mitigation is disabled using PowerShell.
ImageLoad:
BlockRemoteImageLoads : OFF
AuditRemoteImageLoads : NOTSET
Override BlockRemoteImages : False
BlockLowLabelImageLoads : OFF
AuditLowLabelImageLoads : NOTSET
Override BlockLowLabel : False
PreferSystem32 : NOTSET
AuditPreferSystem32 : NOTSET
Override PreferSystem32 : False
This randomly started a few days ago and I'm at a loss for how to move forward and why this occured all the sudden.