none
Software Restriction Policy causing Windows 10 to hang during major update RRS feed

  • Question

  • Good day everyone. My company uses Software Restriction Policy (SRP) to do Application Whitelisting for our network. It works fine for Windows 7, but causes Windows 10 to become unresponsive when it has major(?) updates pending. During a login attempt we get a black screen with a mouse but nothing else. If I move the computer out of the OU with SRP in Active Directory it starts working properly again and the pending updates run. Once the updates are done and I put it back in the SRP enabled OU it still works until the next major update.

    SRP is configured to disallow everything by default. The program files, program files x86, programdata and windows folders are all allowed plus software authorised by my company.

    I cannot find any errors in the event log that indicate what is happening. I do not want to disable SRP. How can I trace the problem and configure SRP to allow these updates?

    Tuesday, January 14, 2020 1:35 PM

Answers

All replies

  • Hi

     

    Adding an Unrestricted Path rule to SRP that covers C:\ProgramData\Microsoft\Windows Defender solves this problem, letting DLLs used by the definition updater mpsigstub.exe load and run.

    Here is a similar thread you could refer to it:

    Software Restriction Policy breaks Windows Defender definition updates

    https://social.technet.microsoft.com/Forums/en-US/1afeb5c9-0aee-47f6-b678-7d26bb201b3a/software-restriction-policy-breaks-windows-defender-definition-updates?forum=win10itprosecurity

     

    Hope can help you. Have a nice day!

     

    Best Regards,

    Kiki

     


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 15, 2020 8:22 AM
  • Hello,

    Thank you for posting in our forum.

    Here is a similar thread  refer to our issue:Software Restriction Policy - Issues with Windows Defender  

    Hope the information can be helpful and if there is anything else we can do for you, please feel free to post in the forum.

    Best regards,
    Cynthia

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, January 15, 2020 10:00 AM
  • Hi,

     

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

     

    Best Regards,

    Kiki


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, January 16, 2020 2:02 AM
  • Hi Kiki. I just got notification of the responses. I don't have any more computers with pending major updates to test, so I cannot confirm the fix worked. However, I am implementing the path rule, so if I don't get any errors within 2 or more weeks, I will assume it works.

    Thanks for the assistance.

    Trevor

    Thursday, January 16, 2020 6:01 PM
  • Hi,

     

    OK, we are looking forward to your update.

    Have a nice day!

     

    Best Regards,

    Kiki


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, January 17, 2020 1:27 AM
  • Good day Kiki. Its been almost 2 weeks with no further errors. As such I think your fix worked. Thanks again for the help.
    Wednesday, January 29, 2020 2:04 PM
  • Note for anyone else viewing this thread. The problem does not in any way appear to be with Windows Defender. For me, I just got a black screen with the mouse and no error messages. Nor did I get any SRP errors. It was just a hunch why I got suspicious and disabled SRP during testing. So if your Win 8.1 / 10 computer hangs when trying to run an update and you have SRP enabled, try the solution and see if it helps.
    Wednesday, January 29, 2020 2:09 PM
  • Hi,

    I am glad to hear that your issue was successfully resolved.

    Have a nice day!

    Best Regards,

    Kiki


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Saturday, February 1, 2020 6:20 AM