Attack Surface Rules - Teams

BmoreOs 136 Reputation points
2022-05-04T19:48:31.817+00:00

I have enabled some ASR rules and a particular Security Mitigation log is posting non stop, every 1 minute. Anyone know what this is or what Teams is trying to do? Should I have any concerns? We haven't noticed any issues but I am worried something might pop up in the future.

198919-image.png

Microsoft Teams
Microsoft Teams
A Microsoft customizable chat-based workspace.
9,578 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,837 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,778 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,496 Reputation points
    2022-05-10T07:17:08.3+00:00

    Hi there,

    You don't need to worry about these as Exploit protection automatically applies many exploit mitigation techniques to operating system processes and apps.

    Defender for Endpoint provides detailed reporting into events and blocks as part of its alert investigation scenarios.

    Protect devices from exploits https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exploit-protection?view=o365-worldwide

    You can also use audit mode to evaluate how to exploit protection would affect your organization if it were enabled.

    When mitigation is found on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information.

    --------------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

    0 comments No comments