Add to the list of Windows defenses that don't seem to do anything: Starting with Windows 11 22H2, Software Restriction Policies (SRP) no longer seem to do anything. Hopefully nobody is relying on this capability!
Replying to @NathanMcNulty
2 problems: 1) NTFS-level no-exec perms catch EXE and friends. But not other things like JS, HTA... 2) Path-based Software Restriction Policies work way better for blocking things that run. The kicker: Starting with Win11 22H2, newly-created policies don't work. Bugs everywhere!
5
38
6
102
Replying to @wdormann
As foundational as SRP was, it really is irrelevant as a modern application control solution (even if it can still do something* in previous OS versions)

Nov 5, 2022 · 11:17 PM UTC

1
1
Replying to @bohops
If it's never been officially announced as deprecated or no longer functional, and it's still advertised as a thing that works... Is is really irrelevant?
2
1