Windows 10 Creators update 1703 has a "Enforcement" BUG - Microsoft Community


start - run - gpedit.msc - computer configuration - windows settings - security settings - software restriction policies , right click on , choose new software restriction policies .

we activated program blocking rules 

under  software restriction policies  double click enforcement  and choose software files , apply - finish
try start  microsoft edge  , give use strange error , doesn't work , suc bug doesn't exist on windows 10 verison 1607 

have had same thing, in reverse.

we had srp software files enabled across our domain working fine until applied 1703 update.

i making final touches our sccm image when i stumbled across issue student test account.

after days of testing find fault , ruling out many other suggestions, including cache issues due sysprep, discovered image worked ok until joined to domain.

this issue effects domain users without local admin.

as policy set "all software files except libraries (such dll's)" , computer has been restarted , applied gpo update, edge works should.

still looking need add additional rules in srp lock down again or finding actual update fix don't have have security issue new image.

any ideas or suggestions grateful.



Windows / Windows 10 / Security & privacy / PC



Comments

Popular posts from this blog

$AV_ASW folder - Microsoft Community

WTouch_Message_Window app running in the background is preventing - Microsoft Community

Windows error No Certificate Available - Microsoft Community