Add to the list of Windows defenses that don't seem to do anything: Starting with Windows 11 22H2, Software Restriction Policies (SRP) no longer seem to do anything. Hopefully nobody is relying on this capability!
Replying to @NathanMcNulty
2 problems: 1) NTFS-level no-exec perms catch EXE and friends. But not other things like JS, HTA... 2) Path-based Software Restriction Policies work way better for blocking things that run. The kicker: Starting with Win11 22H2, newly-created policies don't work. Bugs everywhere!

Nov 5, 2022 · 10:24 PM UTC

5
38
5
101
How does the saying go? One step forward, two steps back?
4
15
To visualize this bug in action: Here's a Win11 21H1 system with SRP working fine. Rebooting to install 22H2 (with the boring parts sped up) results in a system with SRP not working at all. Is there any way to interpret this in a way other than Win11 22H2 breaks SRP (for most)?
2
1
1
10
GIF
People in early July 2022: SRP doesn't work with Win11 22H2. Microsoft in late October 2022: "You can use SRP" with Windows 11. Why is the disconnect between what Microsoft says about their software and how it works in the real world a recurring theme? techcommunity.microsoft.com/…
9
Replying to @wdormann
As foundational as SRP was, it really is irrelevant as a modern application control solution (even if it can still do something* in previous OS versions)
1
1
If it's never been officially announced as deprecated or no longer functional, and it's still advertised as a thing that works... Is is really irrelevant?
2
Replying to @wdormann
One more reason to stay with Windows 10 …
2
This is a stock Win11 22H2 system. There is no AppLocker policy. At least, none that is visible in the group policy editor.
Replying to @wdormann @cyb3rops
It Will be a paid extra working feature soon 😂
1