Microsoft has surreptitiously implemented an advantageous update to its AppLocker feature. Enterprises now have the opportunity to take advantage of the AppLocker application control policies, which provide the capability to regulate what applications and files run on their systems.
For those unaware, AppLocker significantly enhances the app control features and functionalities of Software Restriction Policies. It includes cutting-edge capabilities and extensions that enable the creation of rules to either permit or block apps from running, determined by the unique identity of files, as well as granting permission for specified users or groups to run those applications. Also, It encompasses a broad spectrum of file types, including EXE files, scripts, Windows Installer files, DLL files, packaged apps, and packaged app installers.
The tech giant has done away with the restrictions that had been in place contingent upon the version of Windows employed or the management method implemented. Before the updates, the methods for enforcing the policy used to differ according to the Windows edition and the techniques used for managing its endpoints, for example, if you were managing a system with MDM, you could impose AppLocker policies on all editions of Windows 10 and 11. But systems that used Group Policy could only implement AppLocker policies on Windows 10/11 Enterprise or Education editions.
Fortunately, the update has eliminated edition validation checks for Microsoft Windows 10 in its 2004, 20H2, and 21H1 iterations and all Windows 11 versions. As a result, AppLocker policies can now be installed and enforced in these Windows editions, irrespective of their edition or management method.
- Windows 11, version 22H2 (KB number 5017389, released on September 30, 2022)
- Windows 11, version 21H2 (KB number 5018483, released on October 25, 2022)
- Windows 10, version 2004 (KB number 5018482, released on October 25, 2022)
- Windows 10, version 20H2
- Windows 10, version 21H1
This update allows Windows Defender Application Control (WDAC) IT professionals to deploy Managed Installer policies to managed systems without worrying about different Windows editions. Additionally, AppLocker IT pros now have even more access to manage systems -in other words, AppLocker expanded its reach to encompass Windows versions it wasn’t supporting previously.
Via Neowin