
Does the actiontype actually say block? Where are you configuring the exclusions in ASR? Per rule or all?
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We have an issue where an ASR rule "Block all Office applications from creating child processes" keeps blocking this S&P CapIQ plugin that Excel uses and prevents the user from being able to leverage the app properly.
here are some screenshots of the timeline section in the defender portal:
we have tried to add it as an exclusion as below, but no matter what type of exclusion even if we do the directory, it still fails.... and blocks the plugin.
any suggestions on how we can get this to work? why does ASR so sensitive and not as friendly when it comes to the excludes, it doesn't really seem to make much sense.
Does the actiontype actually say block? Where are you configuring the exclusions in ASR? Per rule or all?