EMET GPO Default Protects for Recommended Software conflicting with Application Configuration GPO

Hello,

I am trying to have Excel15 launch with the -EAF mitigation removed, but also have the "Default Protections for Recommended Software" policy Enabled. This is to allow the Microsoft Power Query Ad--In to function using Excel 365 Pro Plus x64.

It seems that the "Default Protections for Recommended Software" is taking precedent over the manually configured  "Application Configuration" Enabled policy.

I have the  Application Configuration Enabled and looks like:

- C:\Program Files\Microsoft Office 15\root\office15\excel.exe -EAF

- *\Microsoft Office\OFFICE15\EXCEL.EXE -EAF

- *\Microsoft Office 15\root\office15\excel.exe -EAF

Any help would be greatly appreciated to get Excel launching without the -EAF mitigation.

Thanks,



  • Edited by LorddelCasa Wednesday, February 04, 2015 12:36 AM
February 4th, 2015 3:34am

if I understood correctly from talking to EMET feedback team last time, they said  App Config settings don't actually override any the default app or popular or IE protection profiles. (it really seems like App config settings override the other profiles from the manual, hey? I thought so as well) 

Sooo, it sounded like we'd need to extract the recommended or popular app list, convert it to the path + mitigation not included format for the app config GPO and then just use app config to manage it. 

Needless to say it sounded surprising and laborious and not management by exception at all. 

Rinse repeat for new versions of emet and XML policy files . 


p.s what would be really helpful in the admin guide is some real world examples of contoso.local where they apply the recommended apps + a few exceptions for all + custom exceptions for a separate class of  machines or groups of users. hmeh.



Free Windows Admin Tool Kit Click here and download it now
February 4th, 2015 1:56pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics