Windows Defender Application Control offers new capabilities

Windows Defender Application Control from Microsoft offers a new life of defense for Enterprise. It not only provides the inherent advantage over traditional antivirus solutions but when used offers a trust model where applications must earn trust to run. It allows Enterprises to counter the threat of executable file-based malware such as .exe, .dll, etc.

Windows Defender Application Control offers new capabilities

Windows Defender Application Control offers new capabilities

Starting with Windows 10 May 2019 update, Windows Defender Application Control works in conjunction with features like Windows Defender Application Guard. It provides hardware-based isolation of Microsoft Edge for enterprise-defined untrusted sites, to strengthen the security posture of Windows 10 systems.

Here is the list of Windows Defender Application Control(WDAC) features:

  1. File path rules, including optional runtime admin protection checks
  2. Multiple policy file support with composability
  3. Disabling script enforcement rule option
  4. Application Control CSPĀ 
  5. COM object registration support in policy

1] File path rules, including optional runtime admin protection checks

WDAC offers allow and dent riles based on the file path. When an application runs, the path is checked against the rules. It can only run when it matches the path. The administrator or higher privileged accounts can only set this path.

2] Multiple policy file support with composability

Since there are multiple business groups in a company, everyone might need their own set of policies. That’s where Supplemental polices came into the picture with this update. In simple words, a company can have an organizational policy and department policies.

3] Disabling script enforcement rule option

The feature will allow IT departments to tackle EXE, DLL, and driver enforcement without needing also simultaneously to address script host control.

We would suggest you read about Application Control CSP and COM object registration support in policy in complete details at Microsoft Security Page.

Posted by with Tags
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.