Thank you for the quick reply. That answers the question. 
- Welcome to Support Forum: Get Support for Patch My PC Products and Services.
Patch My PC Support
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Support and General Questions (Enterprises Using ConfigMgr and Intune) / Re: Patch My PC and Attack Surface Reduction Rules
August 10, 2023, 11:39:48 PM #2
Support and General Questions (Enterprises Using ConfigMgr and Intune) / Patch My PC and Attack Surface Reduction Rules
August 10, 2023, 06:59:49 AM
Hello,
We are using PMPC alongside Intune and the Microsoft Defender Stack. Recently we switched on Attack Surface Reduction (ASR) Rules in Intune. They were designed for improving the security Posture on devices. On reviewing the Block Events we noticed the "PatchMyPC-ScriptRunner.exe" file was blocked by one Rule: "Block credential stealing from the Windows security authority subsystem."
Why is the file blocked for that reason (It needs to try to access the Windows local security subsystem LSASS). Has someone else had a similar experience and did you notice an Impact in App Distribution?
I appreciate any Feedback.
We are using PMPC alongside Intune and the Microsoft Defender Stack. Recently we switched on Attack Surface Reduction (ASR) Rules in Intune. They were designed for improving the security Posture on devices. On reviewing the Block Events we noticed the "PatchMyPC-ScriptRunner.exe" file was blocked by one Rule: "Block credential stealing from the Windows security authority subsystem."
Why is the file blocked for that reason (It needs to try to access the Windows local security subsystem LSASS). Has someone else had a similar experience and did you notice an Impact in App Distribution?
I appreciate any Feedback.
Pages1