Firefox Triggers Attack Surface Reduction Rules
Hello. I am an IT administrator at my company. We deploy Attack Surface Reduction policies in Windows Defender antivirus. We do not deploy Firefox Enterprise and don't plan to, but we also do not block users that want to download it. However, users that do use it report receiving alerts from Defender that some Firefox executables "do not meet a prevalence, age, or trusted list criteria" and get blocked. I installed version 111 on a machine to test, played a bit and then uninstalled it. While I didn't get these during installation or regular browsing, I did receive these errors when uninstalling. I reinstalled and uninstalled again and the same occurred. Could you please investigate and hopefully get them on trusted lists? Thank you.
Firefox v. 111.0.1 (consumer) Windows 10 devices Microsoft Defender antivirus ASR Policy violation: Block executable files from running unless they meet a prevalence, age, or trusted list criteria
Executables affected: C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe C:\Program Files\Mozilla Firefox\uninstall\uninstaller.exe C:\WINDOWS\TEMP\~nsuA.tmp\Un_A.exe C:\WINDOWS\TEMP\~nsuA.tmp\Un_B.exe .... C:\WINDOWS\TEMP\~nsuA.tmp\Un_Y.exe C:\WINDOWS\TEMP\~nsuA.tmp\Un_Z.exe C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe->(VFS:Uninstall.exe#1)