The first action for each rule applies to all users by default. After the first action has been created, all subsequent actions apply to the security groups that you specify. That is why the default check box is ticked for the first action and it is greyed out. 

This is to prevent ambiguity over security groups that are created after the rule is first setup. This way the default action applies to all security groups unless they are included in subsequent actions.