1

Microsoft quietly made AppLocker deployment easier across Windows 11 and some Wi...

 1 year ago
source link: https://www.neowin.net/news/microsoft-quietly-made-applocker-deployment-easier-across-windows-11-and-some-windows-10s/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Microsoft quietly made AppLocker deployment easier across Windows 11 and some Windows 10s

A Microsoft logo on a grey background with a padlock icon in a circle on the right

Microsoft has quietly made a welcome change to its AppLocker feature. AppLocker application control policies help organizations manage the applications and files that users can run on their systems. These include EXE files, scripts, Windows Installer files, DLL files, packaged apps, and packaged app installers.

The Redmond giant has removed the checks that were previously enforced depending on the edition of Windows used or the management method used. AppLocker deployment for Mobile Device Management (MDM) used to be different from the Group Policy management. Hence, from now on IT admins and system admins can deploy AppLocker freely across Windows 11 as well as some supported versions of Windows 10, irrespective of the edition or management method.

In a support article titled "KB5024351—Removal of Windows edition checks for AppLocker" Microsoft has explained this major change.

The Windows updates dated September 30, 2022, and later, made significant changes for AppLocker support. Before the updates, Windows tied policy enforcement to the Windows edition and the method used to manage its endpoints. For instance, systems managed by mobile device management (MDM) enforced AppLocker policies on all editions of Windows 10 and Windows 11. Also, systems managed by Group Policy only enforced AppLocker policies on Windows 10 and Windows 11 Enterprise or Education editions.

These updates removed the edition checks for Windows 10, versions 2004, 20H2, and 21H1 and all versions of Windows 11. You can now deploy and enforce AppLocker policies to all of these Windows versions regardless of their edition or management method.

The change was introduced on Windows 11 and Windows 10 with the following updates:

Product

KB number

Release date

Windows 11, version 22H2

5017389

September 30, 2022

Windows 11, version 21H2

5018483

October 25, 2022

Windows 10, version 2004

Windows 10, version 20H2

Windows 10, version 21H1

5018482

October 25, 2022

You may find more details regarding AppLocker deployment in this support article.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK