Why is SmartScreen blocking code.visualstudio.com but yet visualstudio.com works fine?

Rob Brown 41 Reputation points
2024-06-20T10:06:31.2933333+00:00

We're trialing Defender as a replacement to Sophos (I'm tired of being let down by Sophos's product team).

We've got what appears to be a healthy configuration in testing - including content filtering blocks.

Testers can access visualstudio.com just fine (as they should) but get a smartscreen denial for code.visualstudio.com (which they shouldn't be denied on) - trying to understand why Microsoft are blocking one of their own sites...

In addition to which, the ADMX controls for bypass. don't appear to work:

User's image

User's image

Open to suggestions at this point - as it's really not playing ball:

User's image

Microsoft Edge
Microsoft Edge
A Microsoft cross-platform web browser that provides privacy, learning, and accessibility tools.
2,366 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Jinxin Wang (Shanghai Wicresoft Co Ltd) 2,185 Reputation points Microsoft Vendor
    2024-06-21T02:46:17.7766667+00:00

    Hi @Rob Brown,

    I read your description. According to the screenshot, the value of the "SmartScreenAllowListDomains" policy is configured correctly. So according to this prompt, please first confirm one thing: whether your company has configured relevant policies to prohibit access to "code.visualstudio.com".

    In addition, please note that if your organization has enabled Microsoft Defender for Endpoint, this policy and any allow list created with it will be ignored. You must configure your allow and block lists in Microsoft 365 Defender portal using Indicators (Settings > Endpoints > Indicators). You can refer to this link for more detailed information.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best regards,

    Jinxin Wang


  2. Rob Brown 41 Reputation points
    2024-06-27T11:48:53.63+00:00

    @Jinxin Wang (Shanghai Wicresoft Co Ltd)
    Found the issue. Turns out when you enable the integration between Defender Portal and InTune portal, the switch for custom indicators gets reset and needs to be re-enabled again - and I'd missed it when reviewing the problem.

    Switch is enabled again, and now indicators are working properly.

    Would strongly suggest an update to the Defender guidance\FAQ.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.