Share via

Impossible to open .hta file after activating the Control Application (ARS / Intunes)

David B 41 Reputation points
2022-05-06T14:36:52.133+00:00

Hi,

After activating the "Application Control" of ARS in Intunes, I can no longer run files with the .hta extension. I have no error messages or alerts in Defender.

199686-capture.png

I deleted the strategy to go back, the blockage persists.

Microsoft Security | Intune | Configuration
Microsoft Security | Intune | Other
0 comments
Accepted answer
  1. Lu Dai-MSFT 28,496 Reputation points
    2022-05-10T01:41:42.113+00:00

    @David B Thanks for your update.

    If you want to configure this setting to "Not configured", it seems a workaround that try to find the registry key of this setting and then change the registry key to remove the setting.

    If you want to make it via intune, it is needed to do the following actions:

    1. Please remove the group in assignment of the Control Application policy.
    2. Create a Powershell Script that can change the registry key of the target setting.
    3. Deploy this script via intune.
      https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension

    Hope it will give you some ideas.

    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lu Dai-MSFT 28,496 Reputation points
    2022-05-09T01:37:05.62+00:00

    @David B Thanks for posting in our Q&A. From your description, did you mean that you have removed the group in assignment, but this policy still worked? If there is anything unclear, please correct me.

    For this issue, it seems that this policy is tattooed. Intune deploys policies based on the windows CSPs. The tattoo is an issue or limitation from Windows CSPs. For more details, please refer to the following link:
    https://www.anoopcnair.com/intune-policy-tattooed-not-tattooed-windows-csp/
    Note: Non-Microsoft link, just for the reference.

    Thanks for your understanding.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. David B 41 Reputation points
    2022-05-09T09:58:41.087+00:00

    Hi,

    thank you for your feedback

    Yes, we have removed the group in assignment

    0 comments
  3. David B 41 Reputation points
    2022-05-10T12:55:01.89+00:00

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.