Apply a list of exclusions to specific attack surface reduction (ASR) rules
Supported on: At least Windows Server 2016, Windows 10 Version 1709
Registry
HKLM
Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR Value name: ExploitGuard_ASR_ASROnlyPerRuleExclusions
Options
List (registry values) list
- list under
Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR\ASROnlyPerRuleExclusions Description
This policy allows an administrator to specify a list of exclusions for specific ASR rules. Each entry is a name-value pair. The key indicates the rule GUID, and the value is a set of full paths separated by the > character, indicating the exclusions for that particular ASR rule. NOTE: The GUID is a KEY, not a value. Example: KEY: "{75668C1F-73B5-4CF0-BB93-3ECF5DB7C484}" VALUE: "C:\Notepad.exe>c:\regedit.exe>C:\SomeFolder\test.exe"