Secure Exchanges utilise ClickOnce pour déployer les mises à jour dans C:\Users\[username]\AppData\Local\Apps\2.0\Paramètre | Valeur |
Nom de la règle | Block executable content from email client and webmail |
GUID | BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 |
Nom Intune | Execution of executable content (exe, dll, ps, js, vbs, etc.) dropped from email (webmail/mail client) (no exceptions) |





Outil | Type d'exclusion | Impact |
Intune / MDE | Per-rule | Exclusion appliquée UNIQUEMENT à la règle spécifique. |
GPO | Globale | Exclusion appliquée à TOUTES les règles ASR actives. |
MECM / SCCM | Globale | Exclusion appliquée à TOUTES les règles ASR actives. |
PowerShell | Globale | Exclusion appliquée à TOUTES les règles ASR actives. |
DLL Secure Exchanges
C:\Users\*\AppData\Local\Temp\Deployment\*\*\SecureExchangesSDK.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\OSecureExchange.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\*\OSecureExchange.resources.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\SecureExchangesSDK.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\OSecureExchange.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\SecureExchangesSDK.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\OSecureExchange.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\OSecureExchange.resources.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\*\OSecureExchange.resources.dll
Bibliothèques PDF (iText et PdfPig)
C:\Users\*\AppData\Local\Temp\Deployment\*\*\itext.*.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\UglyToad.PdfPig*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\itext.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\UglyToad.PdfPig*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\itext.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\UglyToad.PdfPig*.dll
DLL tierces
C:\Users\*\AppData\Local\Temp\Deployment\*\*\BouncyCastle.Cryptography.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\CsvHelper.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\Newtonsoft.Json.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\PhoneNumbers.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\BouncyCastle.Cryptography.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\CsvHelper.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\Newtonsoft.Json.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\PhoneNumbers.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\BouncyCastle.Cryptography.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\CsvHelper.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\Newtonsoft.Json.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\PhoneNumbers.dll
Runtime .NET et VSTO (nouvelle section)
C:\Users\*\AppData\Local\Temp\Deployment\*\*\Microsoft.*.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\System.*.dll
C:\Users\*\AppData\Local\Temp\Deployment\*\*\netstandard.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\Microsoft.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\System.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\netstandard.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\Microsoft.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\System.*.dll
C:\Users\*\AppData\Local\Apps\2.0\*\*\*\netstandard.dll





$dlls = @(
"SecureExchangesSDK.dll", "OSecureExchange.dll",
"itext.*.dll", "UglyToad.PdfPig*.dll",
"BouncyCastle.Cryptography.dll", "CsvHelper.dll",
"Newtonsoft.Json.dll", "PhoneNumbers.dll",
"Microsoft.*.dll", "System.*.dll", "netstandard.dll"
)
$prefixes = @(
"C:\Users\*\AppData\Local\Temp\Deployment\*\*",
"C:\Users\*\AppData\Local\Apps\2.0\*\*",
"C:\Users\*\AppData\Local\Apps\2.0\*\*\*"
)
foreach ($p in $prefixes) {
foreach ($d in $dlls) {
Add-MpPreference -AttackSurfaceReductionOnlyExclusions "$p\$d"
}
}
# Ressources localisées (sous-dossier de culture, ex. fr-CA)
Add-MpPreference -AttackSurfaceReductionOnlyExclusions "C:\Users\*\AppData\Local\Temp\Deployment\*\*\*\OSecureExchange.resources.dll"
Add-MpPreference -AttackSurfaceReductionOnlyExclusions "C:\Users\*\AppData\Local\Apps\2.0\*\*\*\OSecureExchange.resources.dll"
Add-MpPreference -AttackSurfaceReductionOnlyExclusions "C:\Users\*\AppData\Local\Apps\2.0\*\*\*\*\OSecureExchange.resources.dll"
