Forum Discussion
Attack Surface Reduction rules with Packaged app
Our application is a Packaged App, distributed using a signed MSIX package. The executable files inside the MSIX package is not signed, since it is our belief that this is not promoted by Microsoft. ...
Hello, I am unaware of solution, but why doesn't excluding the application executables from the highly used ASR rules.
Hi Chandra,
I'm not really familiar with the ASR rules myself, but the problem our customer is indicating is;
our .exe-file is not signed using a code signing certificate, only the application package itself (msix package). In my understanding, this should be enough to be able to specify ASR rules for the application, but our customer is telling me they can only verify certificates on the .ex itself.
The problem is that it is not possible to sign the .exe files when building a signed msix using Microsoft's tools.
