You can try to track ASR audit report in M365, which ASR rule causes that block and then remove that single ASR rule.
ASR Rule blocks Outlook Add-In
Hello there
We've deployed ASR Rules via Sec. Basline for our customer. We've also installed an Outlook Plug-in (officeatwork) for managing Signatures in Outlook. On one device the ASR-Rule blocks the Outlook Add-In via "msedgewebview2.exe".
On the other device in the same tenant, same configuration everything is fine, no blocks.
How does it come? Any ideas?
Best regards
2 answers
Sort by: Most helpful
-
Pavel yannara Mirochnitchenko 12,576 Reputation points MVP
2023-07-13T12:08:15.0933333+00:00 -
Troy Nabbefeld 165 Reputation points
2023-07-13T14:33:53.9433333+00:00 I would deploy ASR rules via an Endpoint security Attack Surface Reduction Rules Policy. This allows you to put every rule on audit to begin with and monitor them to detect valid behaviors that shouldn't be blocked by the policy. Once you detect them, you can add per rule exclusions to each ASR rule. See screenshots below for instuctions.
If the response is helpful, please click "Accept Answer" and upvote it.