Information
This policy setting manages the behavior for notifying registered antivirus programs. If multiple programs are registered, they will all be notified.
The recommended state for this setting is: Enabled.
Note: An updated antivirus program must be installed for this policy setting to function properly.
Rationale:
Antivirus programs that do not perform on-access checks may not be able to scan downloaded files.
Impact:
Windows tells the registered antivirus program(s) to scan the file when a user opens a file attachment. If the antivirus program fails, the attachment is blocked from being opened.
Solution
To establish the recommended configuration, set the following Device Configuration Policy to Enabled:
To access the Device Configuration Policy from the Intune Home page:
1. Click Devices
2. Click Configuration profiles
3. Click Create profile
4. Select the platform (Windows 10 and later)
5. Select the profile (Administrative Templates)
6. Click Create
7. Enter a Name
8. Click Next
9. Configure the following Setting:
   Path: Administrative Templates/User Configuration/Windows Components/Attachment Manager
   Setting Name: Notify antivirus programs when opening attachments
   Configuration: Enabled
10. Select OK
11. Continue through the Wizard to complete the creation of the profile (profile assignments, applicability, etc.)
Note: More than one configuration setting from each of the Configuration profiles (e.g., Administrative Templates, Custom, etc.) can be added to each Device Configuration Policy.
Default Value:
Disabled. (Windows does not call the registered antivirus program(s) when file attachments are opened.)
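Audit check (added example, not part of the benchmark text): after the profile has been assigned and synced, this PowerShell script reports whether the setting has reached each signed-in user on a device. It assumes the policy is backed by the per-user registry value Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ScanWithAntiVirus with 3 meaning Enabled; the function name Test-AttachmentAvPolicy is hypothetical.

```powershell
# Added audit example. Assumption: the "Notify antivirus programs when opening
# attachments" policy is stored per user as the DWORD value ScanWithAntiVirus
# (3 = Enabled). A missing value means Not Configured, i.e. the default (Disabled).
$SubKey    = 'Software\Microsoft\Windows\CurrentVersion\Policies\Attachments'
$ValueName = 'ScanWithAntiVirus'
$Expected  = 3

function Test-AttachmentAvPolicy {
    param(
        # Provider path of one user hive, e.g. 'Registry::HKEY_USERS\<SID>'
        [Parameter(Mandatory)][string]$HiveRoot
    )

    $path  = "$HiveRoot\$SubKey"
    $item  = Get-ItemProperty -Path $path -Name $ValueName -ErrorAction SilentlyContinue
    $value = if ($item) { $item.$ValueName } else { $null }

    [pscustomobject]@{
        Hive      = $HiveRoot
        Value     = $value                      # empty when the policy is not set
        Compliant = ($value -eq $Expected)
    }
}

# The setting is under User Configuration, so check every loaded user hive.
# The pattern matches domain/local account SIDs (S-1-5-21-...) and Entra ID
# account SIDs (S-1-12-1-...), and skips service accounts and *_Classes hives.
# Run elevated to read the hives of other signed-in users.
$results = Get-ChildItem 'Registry::HKEY_USERS' |
    Where-Object { $_.PSChildName -match '^S-1-(5-21|12-1)-[\d-]+$' } |
    ForEach-Object { Test-AttachmentAvPolicy -HiveRoot "Registry::$($_.Name)" }

$results | Format-Table -AutoSize

# Non-zero exit code lets a scheduled task or compliance script flag the device.
if ($results.Compliant -contains $false) { exit 1 }
```

Only hives of users who are currently signed in are loaded under HKEY_USERS, so an empty result means no user session was available to check, not that the device is compliant.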