Share via

How to block "Windows Security" App opening for non admin user ?

Anonymous
2024-11-28T07:00:16+00:00

Please guide me on how to block the below Windows security windows operating for non-admin users ? Is that any option in GPO? I'm using Windows Server 2019.

Thanks

Windows for business | Windows Server | Directory services | Deploy group policy objects

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-11-29T00:29:02+00:00

    Hello,

    Thank you for posting in the Microsoft Community Forums.

    To block the "Windows Security" app for non-admin users using Group Policy on Windows Server 2019, you can follow these steps:

    AppLocker is a feature that can help you control which apps and files users can run.

    1. Open Group Policy Management:
      • Press Windows + R to open the Run dialog box.
      • Type gpmc.msc and press Enter to open the Group Policy Management Console.
    2. Create a New GPO:
      • Right-click the appropriate domain or OU where you want to create the policy.
      • Select "Create a GPO in this domain, and Link it here..."
      • Name the GPO, such as "Restrict Windows Security App".
    3. Edit the GPO:
      • Right-click on the newly created GPO and select "Edit" to open the Group Policy Management Editor.
    4. Navigate to AppLocker:
      • Go to: Computer Configuration > Policies > Windows Settings > Security Settings > Application Control Policies > AppLocker
      • Right-click on "Executable Rules", select "Create New Rule..."
    5. Create the Rule:
      • Follow the wizard to create a new rule:
        • On the "Before You Begin" page, click Next.
        • On the "Permissions" page, select "Deny" and choose "User or group" to specify non-admin users.
        • On the "Conditions" page, select "Path" and enter the path to the Windows Security executable (C:\Program Files\Windows Defender\MSASCui.exe or similar depending on your OS version).
    6. Finish and Apply:
      • Complete the wizard to create the rule.
      • Ensure the AppLocker rules are enabled by right-clicking "AppLocker" and selecting "Properties".

    Best regards

    Yanhong

    0 comments
  2. Anonymous
    2024-11-29T14:50:11+00:00

    Hello Yanhong,

    Thank you for your update.

    I have followed the same procedure as you, but Windows security is still opening. Are there any other methods available here to check? I have Windows Server 2019 and Windows 10 PCs as my clients.

    Thank you,

    Yaser VP

    0 comments
  3. Anonymous
    2024-12-02T07:49:11+00:00

    Hello,

    Thanks for your reply.

    You can try it in Group Policy Management Editor, go to Computer Configuration.

    Select Policies and then Administrative Templates.

    Expand the tree to Windows Components > Windows Security > App and browser protection.

    Open the Hide the App and browser protection area setting and set it to Enabled.

    Select OK.

    For more detailed information, you can refer to the documentation: App & browser control in Windows Security | Microsoft Learn

    0 comments
  4. Anonymous
    2024-12-03T08:33:36+00:00

    Hi Yanhong Liu,

    Thanks for your update.

    Looks like, it's working on only windows 10 Client PCs, how to implement the same in windows server 2019 client pc ?

    Thanks,

    Yaser VP

    0 comments