Share via

Windows Defender Exploit Guard should be enabled on your machines Policy not showing compliant

bengt bengan 20 Reputation points
2023-08-09T21:31:12.11+00:00

Hi,

This Policy "Windows Defender Exploit Guard should be enabled on your machines" is showing not compliant because the hash value is not correct of the guest configuration. But the standard WindowsDefenderExploitGuard guest configuration is showing compliant in the portal.

The error message from the Policy is that parameterhash target value is not correct. Current value is showing "".

I know that you can create DSC package and store them in storage account and then you need to add a hash when you create the guest configuration but we don't want to spend so much time on that. We only want the Policy to be compliant.

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
992 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. tbgangav-MSFT 10,431 Reputation points
    2023-08-22T16:52:03.1+00:00

    Hi @bengt bengan ,

    One potential solution could be to review the compliance data available from within the Configuration Manager console and ensure that the Windows Defender Exploit Guard policy is properly configured and deployed. Additionally, it may be helpful to review the compliance controls for Azure Virtual Machines and Azure Arc-enabled servers outlined in the context to ensure that all necessary security measures are in place.

    Related references are:

    This response is partially based on Q&A AI Assist and has been posted here only after manually validating the accuracy of the response.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.