If you use Microsoft Defender for Endpoint Attack Surface Reduction (ASR) rules in your organization, then some of them can block for certain functionality in Ampler.
To allow Ampler to fully function, it’s recommended that you add the exclusions below to your ASR rules in Intune.
| ASR Rule | Exclusions | For which Office program is this necessary? | For which feature is this necessary? |
|---|---|---|---|
| Block Office communication application from creating child processes |
C:\Program Files (x86)\Ampler\* C:\Program Files (x86)\Ampler\*\* C:\Program Files (x86)\Ampler\*\*\* C:\Program Files (x86)\Ampler\*\*\*\* | Outlook |
This allows Ampler to reload the toolbar at runtime when an administrator edits the toolbar to try it out before publishing it to the whole organization. Also, it enables Ampler to trigger Email Signature synchronization from within Outlook when users make changes their User Profile. |
| Block all Office applications from creating child processes |
C:\Program Files (x86)\Ampler\* C:\Program Files (x86)\Ampler\*\* C:\Program Files (x86)\Ampler\*\*\* C:\Program Files (x86)\Ampler\*\*\*\* | PowerPoint, Word, Excel | This allows Ampler to reload the toolbar at runtime when an administrator edits the toolbar to try it out before publishing it to the whole organization. |
| Block Office applications from creating executable content |
C:\Program Files (x86)\Ampler\* C:\Program Files (x86)\Ampler\*\* C:\Program Files (x86)\Ampler\*\*\* C:\Program Files (x86)\Ampler\*\*\*\* | PowerPoint, Excel, Word, Outlook | Usually, Ampler’s autoupdate only run outside Office, so warnings for this rule should not occur. But if you do experience warnings, you can add the exclusions. |
| Block Office applications from injecting code into other processes |
C:\Program Files (x86)\Ampler\* C:\Program Files (x86)\Ampler\*\* C:\Program Files (x86)\Ampler\*\*\* C:\Program Files (x86)\Ampler\*\*\*\* | PowerPoint | This can sometimes happen when users open the Ampler Charts datasheet. |