Patch KB5018482 activates Applocker even in the Windows Pro edition

Joojip 1 Reputation point
2022-11-13T15:51:57.58+00:00

I found out that the applocker is suddenly active on the PC where this patch was installed and is loading changes from the GPO.
I thought it was just a matter of the enterprise edition and servers, at least it was like that until this patch. I even tried it on my home PC and applocker works after the patch. Is this a bug or will it be enabled for Pro edition? It looks like it doesn't check the SKU. Can anyone else confirm this?

Addition

We have an environment with windows Enterprise and Pro and they share part of the GPO. I have now correlated events from over 50 pc with Pro and before this update the event log log was showing unable to apply to this SKU. After the application, it started and started restricting according to the policy. This can now be run even on a PC without a domain, just start the AppIDSvc service and set the rules in the local policy and applocker will start working just like in enterprise. This did not work before this update.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,083 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,838 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. hracher 1 Reputation point
    2022-11-16T09:28:51.803+00:00

    Hi, I can confirm that Applocker can be activated after installation of KB5018482 on Pro and even on Home editions of Windows.

    Is this a bug that will be repaired or are there new Applocker activation policies? This is unpleasant since we are keeping our systems up-to-date in our company by installing latest updates and Applocker started blocking critical apps on all workstations and we must keep editing GPO.

    Someone from Microsoft should comment on this!

    0 comments No comments

  2. Jordan Geurten 0 Reputation points Microsoft Employee
    2023-02-23T00:17:02.65+00:00

    Hi @hracher and @Joojip ,

    I apologize for the inconvenience. The new behavior is by-design as part of KB 5024351. This update completely removes the SKU/edition requirement for AppLocker policies. This change impacts Windows 10 versions 2004, 20H1, 21H1, Windows 11 21H1 and 22H2.

    After the change, AppLocker policies will be enforced on Windows 10 version 2004+ irrespective of the deployment mechanism and irrespective of the system SKU. That is why you are seeing AppLocker policies enforced on Pro and Home SKUs.

    0 comments No comments