Show ASR settings for device with PowerShell

image

I have just released a new script in my GitHub repository that will report on the local device Attack Surface Reduction settings (ASR) as shown above. You’ll find it here:

https://github.com/directorcia/Office365/blob/master/win10-asr-get.ps1

There no pre-requisites. Just run it on your Windows 10 devices to report.

If you are looking to change the ASR settings for your environment, I suggest you have a read of my previous article:

Attack surface reduction for Windows 10

I’d strongly encourage you to enable ASR across your Windows 10 fleet to reduce risks of attack.

3 thoughts on “Show ASR settings for device with PowerShell

  1. This is great. I was testing 2 policies and had my main policy with all the rules enabled as i wanted and then a second policy that just had vulnerable signed drivers rule in Audit mode. However with this script i discovered that by creating a new rule it had disabled all the rules in the main policy…. it seems that having 2 policies don’t sit well together.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s