MDM vs MicrosoftSense in Attack Surface Reduction | Welcome to Pariswells.com

MDM vs MicrosoftSense in Attack Surface Reduction

July 14, 2023
Research
0 Comments
paris

Nasty 0 Day doing the rounds at the moment

CVE-2023-36884 – Security Update Guide – Microsoft – Office and Windows HTML Remote Code Execution Vulnerability

Recommended route to fix this is the Attack Surface Reduction Rule Block all Office applications from creating child processes

Deploying this through Intune is Simple , but what about servers? Remember Intune only works with Windows Devices

ASR rules actually work for Servers IF they have been onboarded into Defender

Make sure the ASR policy Targets MicrosoftSense

Onboarded in MDE is MicrosoftSense

MDM is Intune

Items that work on MDR in ASR Attack surface reduction rules reference | Microsoft Learn

https://blog.mindcore.dk/2023/02/assign-asr-rules-to-your-non-enrolled-devices-through-microsoft-intune/

2 Stars

3 Stars

4 Stars

5 Stars

(No Ratings Yet)

Loading...

Andrea Rochira Well, this solution still works in 2023 and better than PowerShell! Thank you.
Copy file to workstations with Windows Intune · September 19, 2023
Emre Temel Thank you for this information. You save my life. 🙂
Exchange Setup – A required audit event could not be generated for the operation · September 18, 2023
Ilya L Missing \ before *, other than that, 👍. Schedule it to run monthly via Task Scheduler... 👍👍
Script to Delete ServiceWorker Cache on Google Chrome and Microsoft Edge · August 20, 2023
jack Thank you paris, one server got stuck on the SSPI failed and the solutution fixed it!!
Using Powershell to Send Emails via Mimecast · August 2, 2023
Maurece The information I needed when I needed it, Thanks Pariswells.com
Mimecast – Relaying from External to External using a forward ( External Relay ) · April 13, 2023

Powered by WordPress | Made with ❤ by Themely