IntuneSettingCatalogASRRulesPolicyWindows10 doesn't work with multiple exclusions

[Influencer101]

Description of the issue

When deploying a new IntuneSettingCatalogASRRulesPolicyWindows10 config with multiple "Attack Surface Reduction Only Exclusions" exclusions, the policy isn't created. Seems to work with just a single exclusion. The configuration drift is successfully detected, but updating the policy fails, see also events below.

Microsoft 365 DSC Version

1.23.809.1

Which workloads are affected

other

The DSC configuration

Generated with Microsoft365DSC version 1.23.809.1

For additional information on how to use Microsoft365DSC, please visit https://aka.ms/M365DSC

param ( )

Configuration Test { param ( )

$OrganizationName = $ConfigurationData.NonNodeData.OrganizationName

Import-DscResource -ModuleName 'Microsoft365DSC' -ModuleVersion '1.23.809.1'

Node localhost
{

    IntuneSettingCatalogASRRulesPolicyWindows10 "IntuneSettingCatalogASRRulesPolicyWindows10-W10 ASR Rules V3"
    {
        ApplicationId                                                              = $ConfigurationData.NonNodeData.ApplicationId;
        ApplicationSecret                                                          = New-Object System.Management.Automation.PSCredential ('ApplicationSecret', (ConvertTo-SecureString $ConfigurationData.NonNodeData.ApplicationSecret -AsPlainText -Force));
        Assignments                                                                = @(
            MSFT_DeviceManagementConfigurationPolicyAssignments{
                deviceAndAppManagementAssignmentFilterType = 'none'
                dataType = '#microsoft.graph.allDevicesAssignmentTarget'
            }
        );
        attacksurfacereductiononlyexclusions                                       = @("c:\temp\test.exe", "c:\temp\test2.exe");
        blockabuseofexploitedvulnerablesigneddrivers                               = "block";
        blockadobereaderfromcreatingchildprocesses                                 = "block";
        blockallofficeapplicationsfromcreatingchildprocesses                       = "block";
        blockcredentialstealingfromwindowslocalsecurityauthoritysubsystem          = "block";
        blockexecutablecontentfromemailclientandwebmail                            = "block";
        blockexecutablefilesrunningunlesstheymeetprevalenceagetrustedlistcriterion = "block";
        blockexecutionofpotentiallyobfuscatedscripts                               = "block";
        blockjavascriptorvbscriptfromlaunchingdownloadedexecutablecontent          = "block";
        blockofficeapplicationsfromcreatingexecutablecontent                       = "block";
        blockofficeapplicationsfrominjectingcodeintootherprocesses                 = "block";
        blockofficecommunicationappfromcreatingchildprocesses                      = "block";
        blockpersistencethroughwmieventsubscription                                = "block";
        blockprocesscreationsfrompsexecandwmicommands                              = "block";
        blockuntrustedunsignedprocessesthatrunfromusb                              = "block";
        blockwin32apicallsfromofficemacros                                         = "block";
        Description                                                                = "";
        DisplayName                                                                = "W10 ASR Rules V3";
        enablecontrolledfolderaccess                                               = "2";
        Ensure                                                                     = "Present";
        Identity                                                                   = "625339d1-4174-4862-8f6b-ad532f62d86b";
        TenantId                                                                   = $OrganizationName;
        useadvancedprotectionagainstransomware                                     = "block";
    }
}

}

Test -ConfigurationData .\ConfigurationData.psd1

Verbose logs showing the problem

See above

Environment Information + PowerShell Version

Name                           Value
----                           -----
PSVersion                      5.1.19041.3031
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.19041.3031
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

[Influencer101]

Hello, I haven't seen a response yet. Will this issue be picked up?

[Influencer101]

I see the issue has been classified. Thanks!