cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Block Bluetooth file transfer

%3CLINGO-SUB%20id%3D%22lingo-sub-3186855%22%20slang%3D%22en-US%22%3EBlock%20Bluetooth%20file%20transfer%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3186855%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20we%20use%20Defender%20for%20Endpoint%20to%20block%20file%20transfer%20using%20Bluetooth%3F%3C%2FP%3E%3CP%3EWe%20use%20Intune%5CMEM.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3220829%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Bluetooth%20file%20transfer%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3220829%22%20slang%3D%22en-US%22%3EHi%20Sohel%2C%3CBR%20%2F%3E%3CBR%20%2F%3EYes%2C%20you%20can%20configure%20the%20Bluetooth%20allowed%20services%20setting%20in%20Device%20control%20policy%20which%20is%20a%20part%20of%20Attack%20Surface%20reduction%2C%20and%20specify%20which%20services%20you%20want%20to%20allow.%20Below%20provides%20more%20details.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fclient-management%2Fmdm%2Fpolicy-csp-bluetooth%23bluetooth-servicesallowedlist%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fclient-management%2Fmdm%2Fpolicy-csp-bluetooth%23bluetooth-servicesallowedlist%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThanks%2C%3CBR%20%2F%3ESi%3C%2FLINGO-BODY%3E
Sohel
Occasional Contributor

‎Feb 18 2022 08:26 PM

‎Feb 18 2022 08:26 PM

Block Bluetooth file transfer

Can we use Defender for Endpoint to block file transfer using Bluetooth?

We use Intune\MEM.

 

Thanks.

530 Views
0 Likes
3 Replies
Reply
3 Replies
s_sim1290

‎Feb 28 2022 06:13 AM

‎Feb 28 2022 06:13 AM

Re: Block Bluetooth file transfer

Hi Sohel,

Yes, you can configure the Bluetooth allowed services setting in Device control policy which is a part of Attack Surface reduction, and specify which services you want to allow. Below provides more details.

https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-bluetooth#bluetooth-servic...

Thanks,
Si
0 Likes
Reply
Sohel

‎Feb 28 2022 08:24 AM

‎Feb 28 2022 08:24 AM

Re: Block Bluetooth file transfer

@s_sim1290 

 

Hi Si,

 

I don't see hex value for "file transfer blocking" in link, any idea? 

0 Likes
Reply
Max-MS

‎Apr 25 2022 04:22 AM

‎Apr 25 2022 04:22 AM

Re: Block Bluetooth file transfer

@Sohel Hey,
to my understanding of how we block file transfer with Bluetooth is to do not allow the file transfer service in the Device Control policy that are related to allow the file transfer. So I think I would add all Bluetooth services to the "Bluetooth allowed services" list except those which would allow the file transfer.

So, do not add the following Bluetooth services to the "Bluetooth allowed services" list:

MaxMS_1-1650885336653.png

The ID´s that you should not add to your intune policy´s Bluetooth service allow list are the following:

  • 00001105-0000-1000-8000-00805F9B34FB
  • 00000008-0000-1000-8000-00805F9B34FB

If you do configure all your Bluetooth services all in one policy.

It would be appreciated if some of you pros could confirm my approach and see if I'm on the right track.

Thank you.

 

0 Likes
Reply