Azure / azure-functions-core-tools

Command line tools for Azure Functions
MIT License

Version 3.0.3442 hard blocked by Microsoft Defender ATP, likely related to process PickerHost.exe #2546

Open felinepc opened 3 years ago

felinepc commented 3 years ago

My work computer has Microsoft Defender ATP (also known as Windows Defender ATP), which is an enhanced version of the built-in Windows Defender as part of the Windows 10 Enterprise subscription.

After installing the latest version of Azure Functions Core Tools 3.0.3443 via Chocolatey: choco install azure-functions-core-tools --params "'/x64:true'"

The func.exe program cannot execute because it's instantly blocked by the Defender:

App or process blocked: PickerHost.exe
Blocked by: Attack surface reduction
Rule: Block executable files from running unless they meet a prevalence, age, or trusted list criteria
Affected items: C:\ProgramData\chocolatey\bin\func.exe

It's such a hard block that the file cannot even be added to Defender's exclusion list like other programs normally can. Merely browsing to the directory containing func.exe instantly triggers the access denied block. The Defender really, really hates it for some reason.

The Defender cannot be disabled due to our Intune policies, and seeing that these are all Microsoft products, we'd expect them to work properly together. Any way to have this resolved?

apawast commented 3 years ago

@felinepc the update should not be blocked. Does this happen when you try to install a different version of core tools? Were there recently any policy changes on your end? One recommended solution is using our msi installer as it is a signed deployment mechanism and should run as a trusted installer. https://github.com/Azure/azure-functions-core-tools/releases/tag/3.0.3442

felinepc commented 3 years ago

@apawast The MSI version does work. We prefer Chocolatey for ease of deployment and update though. Is there a reason why the non-MSI version cannot pass Microsoft's own built-in AV solution on Windows 10?

apawast commented 3 years ago

@felinepc chocolatey was built with a different signing and building process that predates the msi option. We will leave this issue open to track the work to converge on those.

fabiocav commented 3 years ago

Issue details/ask: ultimately updating the payload that we add to Chocolatey and ensure the signing requirements are met (we could move the Choco deployment to rely on MSI) and have this flow validated.
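An added triage example (not part of this thread or of the core tools project) for an administrator who hits the block described above: it checks the Authenticode state of the Chocolatey-delivered func.exe, reads how the named ASR rule is configured on the host, and pulls the matching Defender block events. The file path comes from the issue; the rule GUID (the documented id of "Block executable files from running unless they meet a prevalence, age, or trusted list criterion") and Event ID 1121 (ASR rule fired in block mode) are standard Defender values, and the script assumes it runs on the affected Windows machine.

```powershell
# Added example, not from the issue thread. Path taken from the reported block.
$target = 'C:\ProgramData\chocolatey\bin\func.exe'

# Documented Defender ASR rule id for "Block executable files from running
# unless they meet a prevalence, age, or trusted list criterion".
$asrRuleId = '01443614-cd74-433a-b99e-2ecdc07bfc25'

# 1. Signing state of the binary: NotSigned explains why the "trusted list"
#    criterion is not met, while the MSI-installed build is signed.
$sig = Get-AuthenticodeSignature -FilePath $target
[pscustomobject]@{
    Path      = $target
    Status    = $sig.Status                          # Valid, NotSigned, ...
    Signer    = $sig.SignerCertificate.Subject
    Timestamp = $sig.TimeStamperCertificate.Subject
} | Format-List

# 2. How is the rule configured here? Actions: 0=Off, 1=Block, 2=Audit, 6=Warn.
function Get-AsrRuleAction([string]$RuleId) {
    $pref = Get-MpPreference
    $ids  = @($pref.AttackSurfaceReductionRules_Ids)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if ($ids[$i] -ieq $RuleId) {                 # GUIDs may differ in case
            return $pref.AttackSurfaceReductionRules_Actions[$i]
        }
    }
    return 'not configured'
}
"ASR rule $asrRuleId action: $(Get-AsrRuleAction $asrRuleId)"

# 3. Recent block events for this rule that mention func.exe.
Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1121                                   # ASR rule blocked (block mode)
} -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match [regex]::Escape($asrRuleId) -and
                   $_.Message -match 'func\.exe' } |
    Select-Object TimeCreated, Message -First 5
```

Running the same script against the MSI-installed func.exe shows whether the difference in signing state, rather than the rule's configuration, is what separates the two installs.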