Policy

Exclude files and paths from Attack Surface Reduction Rules

Windows 11 25H2

Back to categoryOpen picker

Policy overview

Key metadata and intent for this policy.

ClassComputer
CategoryWindows Components > Microsoft Defender Antivirus > Microsoft Defender Exploit Guard > Attack Surface Reduction
Supported onAt least Windows Server 2016, Windows 10 Version 1709

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

Exclude files and paths from Attack Surface Reduction (ASR) rules. Enabled: Specify the folders or files and resources that should be excluded from ASR rules in the Options section. Enter each rule on a new line as a name-value pair: - Name column: Enter a folder path or a fully qualified resource name. For example, ""C:\Windows"" will exclude all files in that directory. ""C:\Windows\App.exe"" will exclude only that specific file in that specific folder - Value column: Enter ""0"" for each item Disabled: No exclusions will be applied to the ASR rules. Not configured: Same as Disabled. You can configure ASR rules in the Configure Attack Surface Reduction rules GP setting.

Internal name
ExploitGuard_ASR_ASROnlyExclusions
Policy ID
9471c1c5775d
Elements
1

Registry values

How enabled and disabled states update the registry.

No explicit registry values are set for enabled or disabled states.

Policy elements

Inputs and configuration options exposed by this policy.

ElementTypeRegistry mappingConstraints & behavior
Exclusions from ASR rules:
ID ExploitGuard_ASR_ASROnlyExclusions
list
HKLM\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR\ASROnlyExclusions\ExploitGuard_ASR_ASROnlyExclusions
Type REG_MULTI_SZ
List: additive, explicit value

Other policies in this category

Explore related policies at the same level.