-
|
With Windows 11 2022 update, the vulnerable driver blocklist is enabled by default for all devices.. When creating a policy, WDAC Policy wizard app has an option to integrate Microsoft recommended block rules with the policy we are creating. Is it necessary to do it when HVCI and Memory Integrity are already turned on in Windows (Which means Windows uses the recommended driver block rules)? it's important to know this because I don't want to be enforcing the recommended driver block rules in two places at the same time. Thanks |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
If you only manage Windows 11 22H2 systems, then you don't need the recommended driver block rules in your WDAC policy. Otherwise, you should have the driver block rules in your policy. In either scenario, you should have the recommended user mode rules |
Beta Was this translation helpful? Give feedback.
-
|
Thank you very much! |
Beta Was this translation helpful? Give feedback.
If you only manage Windows 11 22H2 systems, then you don't need the recommended driver block rules in your WDAC policy. Otherwise, you should have the driver block rules in your policy.
In either scenario, you should have the recommended user mode rules