Add to the list of Windows defenses that don't seem to do anything: Starting with Windows 11 22H2, Software Restriction Policies (SRP) no longer seem to do anything. Hopefully nobody is relying on this capability!
2 problems: 1) NTFS-level no-exec perms catch EXE and friends. But not other things like JS, HTA... 2) Path-based Software Restriction Policies work way better for blocking things that run. The kicker: Starting with Win11 22H2, newly-created policies don't work. Bugs everywhere!
Nov 5, 2022 · 10:24 PM UTC
To visualize this bug in action: Here's a Win11 21H1 system with SRP working fine. Rebooting to install 22H2 (with the boring parts sped up) results in a system with SRP not working at all. Is there any way to interpret this in a way other than Win11 22H2 breaks SRP (for most)?
People in early July 2022: SRP doesn't work with Win11 22H2. Microsoft in late October 2022: "You can use SRP" with Windows 11. Why is the disconnect between what Microsoft says about their software and how it works in the real world a recurring theme? techcommunity.microsoft.com/…