Forum Discussion
subhashv1986
Nov 10, 2023Copper Contributor
ASR rule - Block Adobe Reader from creating child processes
Hi everyone,
IN our MS defender for Endpoint, we have used ASR rule to block Adobe to create a child process and it configured as BLOCK but we are still seeing in Security recommendation - Block Adobe Reader from creating child processes and shows all exposed endpoints. Do you have ever faced the same issue ?
2 Replies
Sort By
- adiiiBrass ContributorHi, so the policy is working on your endpoints when you check ASR Reports? Or is your problem, that exposed endpoints stats are not up to date yet?
- subhashv1986Copper Contributorits not implemented - I see from the report its grayed out we have used option BLOCK in ASR rule. I see in Security Baseline policy it was implemented as enable which we reverted and made it not configured. What its not yet implemented, any clues ?