Does the actiontype actually say block? Where are you configuring the exclusions in ASR? Per rule or all?
Windows Defender ASR blocking msedgewebview2.exe for an EXCEL plugin
We have an issue where an ASR rule "Block all Office applications from creating child processes" keeps blocking this S&P CapIQ plugin that Excel uses and prevents the user from being able to leverage the app properly.
here are some screenshots of the timeline section in the defender portal:
we have tried to add it as an exclusion as below, but no matter what type of exclusion even if we do the directory, it still fails.... and blocks the plugin.
any suggestions on how we can get this to work? why does ASR so sensitive and not as friendly when it comes to the excludes, it doesn't really seem to make much sense.