Settings Catalog Policies that are set as Blocked are being detected as Audited

Copper Contributor

Hello,
Our Settings Catalog ASR policies that are set as Blocked are being detected as Audited within Secure Score.
It seems to have started on 11/13.
The rules that have been impacted:
Block untrusted and unsigned processes that run from USB
Block Adobe Reader from creating child processes
Block JavaScript or VBScript from launching downloaded executable content
Block persistence through WMI event subscription
Block executable files from running unless they meet a prevalence, age, or trusted list criterion
Block Office communication application from creating child processes
Block Office applications from creating executable content
Block Office applications from injecting code into other processes
Block execution of potentially obfuscated scripts

I have updated my policy in the hopes that it redetects everything is set to blocked, will update this post if it works.
*Update* It sadly does not.

Thank you very much,

2 Replies

Hey @MathiasSF 

 

Are you still experiencing issues with this?