Windows Fails to Boot With Signed WDAC Policy

Brian Benavidez 201 Reputation points
2021-05-11T22:34:50.483+00:00

I am deploying a signed WDAC policy to a Dell Latitude 7200 running Windows Enterprise (20H2 at the time this question was written) which includes TPM 2.0 with Secure Boot. The policy is being added to the target system using the Application Control CSP. It's based on the DefaultWindows_Enforced policy from C:\Windows\schemas\CodeIntegrity\ExamplePolicies. When deployed, it predictably blocks unsigned code. After restarting once, it still works. Restarting a third time results in a boot failure (Dell detects boot failures and drops you into an OS recovery mode). The only way to get around this is to disable Secure Boot. After disabling Secure Boot, I am able to boot into Windows and, taking a look at the WDAC events, nothing appears to have been blocked (not surprising as it may be blocking some kernel mode drivers and I don't know of an event for those being blocked). I've also tried scanning the entire target system using New-CIPolicy but it results in the same boot failure. Even if I put the policy in "Boot Audit on Failure" it still fails to boot.

Since this is a Dell manufactured device, they have OEM Secure Boot keys. Do these need to be included in a WDAC policy somehow? I would have assumed these would be detected with New-CIPolicy if they were required, but perhaps not. I would test this but I don't know how to add these. I am able to export them from the BIOS as text files and I can see the (presumably) key names among the keys' data bytes: Dell Inc. Key Exchange Key; Dell Inc. UEFI DB; Dell Inc. Platform Key. I was thinking maybe the policy needs to be signed by the PK or KEK or something that has a chain back to these but I haven't found a way to do that. Maybe also the signer I used to sign the policy needs to be added to the Secure Boot DB but I haven't found a clear way to do that either. I couldn't find much information on Microsoft's WDAC documentation concerning this so any guidance is greatly appreciated.
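Before a policy like the one described above is signed and pushed through the Application Control CSP, it is worth checking which rule options it actually carries, because a signed, enforced base policy with no audit fallback leaves no room for a rejected boot-time driver. The script below is an added example for this thread, not the asker's deployment or Microsoft's tooling; it parses a policy XML in the `urn:schemas-microsoft-com:sipolicy` schema (the one used by the files in `C:\Windows\schemas\CodeIntegrity\ExamplePolicies`) and reports the options that decide how the device behaves when the policy blocks something at boot. The demo policy and its PolicyID are constructed for the example and are not the real DefaultWindows_Enforced policy.

```powershell
# Added example (not from the thread): pre-flight review of a WDAC policy XML.
# Assumes the urn:schemas-microsoft-com:sipolicy schema; the demo policy below
# is constructed for this example, not a real deployment policy.

function Test-WdacPolicyRuleOptions {
    [CmdletBinding()]
    param([Parameter(Mandatory)] [xml] $Policy)

    $ns = New-Object System.Xml.XmlNamespaceManager -ArgumentList $Policy.NameTable
    $ns.AddNamespace('si', 'urn:schemas-microsoft-com:sipolicy')

    $options = @($Policy.SelectNodes('/si:SiPolicy/si:Rules/si:Rule/si:Option', $ns) |
                 ForEach-Object { $_.InnerText })
    $idNode   = $Policy.SelectSingleNode('/si:SiPolicy/si:PolicyID', $ns)
    $policyId = $null
    if ($idNode) { $policyId = $idNode.InnerText }

    $audit     = $options -contains 'Enabled:Audit Mode'
    $bootAudit = $options -contains 'Enabled:Boot Audit on Failure'
    $bootMenu  = $options -contains 'Enabled:Advanced Boot Options Menu'
    # Option 6 absent => Code Integrity only accepts this policy once it is signed.
    $mustSign  = -not ($options -contains 'Enabled:Unsigned System Integrity Policy')

    $warnings = @()
    if (-not $audit -and -not $bootAudit) {
        $warnings += 'Enforced with no Boot Audit on Failure: a driver the policy rejects cannot load at boot.'
    }
    if ($mustSign -and -not $audit) {
        $warnings += 'Policy must be signed and is enforced: run the unsigned audit-mode version on this hardware model first.'
    }
    if (-not $bootMenu) {
        $warnings += 'Advanced Boot Options Menu not enabled: the F8 menu stays hidden while this policy is active.'
    }

    [pscustomobject]@{
        PolicyID             = $policyId
        PolicyType           = $Policy.DocumentElement.GetAttribute('PolicyType')
        AuditMode            = $audit
        BootAuditOnFailure   = $bootAudit
        RequiresSignedPolicy = $mustSign
        AdvancedBootMenu     = $bootMenu
        Warnings             = $warnings
    }
}

# Constructed demo policy: enforced and signing-required, but with Boot Audit on
# Failure set so a rejected boot driver produces audit events instead of a boot failure.
$demoPolicyXml = [xml]@'
<?xml version="1.0" encoding="utf-8"?>
<SiPolicy xmlns="urn:schemas-microsoft-com:sipolicy" PolicyType="Base Policy">
  <VersionEx>1.0.0.0</VersionEx>
  <PolicyID>{11111111-2222-3333-4444-555555555555}</PolicyID>
  <BasePolicyID>{11111111-2222-3333-4444-555555555555}</BasePolicyID>
  <Rules>
    <Rule><Option>Enabled:UMCI</Option></Rule>
    <Rule><Option>Required:WHQL</Option></Rule>
    <Rule><Option>Enabled:Boot Audit on Failure</Option></Rule>
  </Rules>
  <EKUs />
  <FileRules />
  <Signers />
  <SigningScenarios />
</SiPolicy>
'@

Test-WdacPolicyRuleOptions -Policy $demoPolicyXml | Format-List

# Real policy file:
#   Test-WdacPolicyRuleOptions -Policy ([xml](Get-Content -Raw 'C:\Policies\MyPolicy.xml'))
# Staged rollout with the ConfigCI module (option numbers as used by Set-RuleOption):
#   Set-RuleOption -FilePath .\MyPolicy.xml -Option 3           # Enabled:Audit Mode, first pass
#   Set-RuleOption -FilePath .\MyPolicy.xml -Option 10          # Enabled:Boot Audit on Failure
#   Set-RuleOption -FilePath .\MyPolicy.xml -Option 3 -Delete   # drop audit mode once the logs are clean
```

The check only reads the XML; it does not touch the device. The order of the commented Set-RuleOption calls is the point: an audit-mode pass on the same hardware model surfaces the drivers a policy would reject before the signed, enforced version is ever deployed.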


Accepted answer
  1. Brian Benavidez 201 Reputation points
    2021-05-14T20:09:41.11+00:00

    I think I may have found the issue. It looks like the driversipolicy.p7b from %windir%\System32\CodeIntegrity\ is being automatically applied as soon as I deploy a custom policy. Using the policy recovery tool from Matt Graeber (https://github.com/mattifestation/WDACTools) I can take a look at the rules (driversipolicy.xml) and it appears to be a driver blacklist. The issue here is that it is not signed. So when I deploy my signed policy, which does not allow unsigned policies, the Microsoft Windows Driver Policy (driversipolicy.p7b), which is also a base policy, conflicts with it. Since that driver policy does not have the Boot Audit on Failure rule enabled, my guess is that they cancel each other out and Secure Boot prevents booting altogether. If so, this is strange behavior as I would expect the unsigned policy to not apply at all.
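The finding above is that a second, unsigned base policy (driversipolicy.p7b) was active alongside the signed one. Seeing that situation on disk before a reboot is straightforward: a signed policy binary is a PKCS#7 SignedData blob wrapping the policy, an unsigned one is not. The script below is an added example for this thread, not the asker's or Microsoft's code; it lists the policy binaries Code Integrity loads and reports which of them decode as CMS SignedData. It assumes the legacy single-policy files (SIPolicy.p7b, driversipolicy.p7b) live in `%windir%\System32\CodeIntegrity` and multiple-policy-format files (`*.cip`) in its `CiPolicies\Active` subfolder, and "signed" here means only that the file parses as SignedData; the signature is not chain-validated.

```powershell
# Added example (not from the thread): inventory Code Integrity policy binaries
# and flag which are PKCS#7-signed. Assumes the CodeIntegrity folder layout
# named in the lead-in; the 32-byte demo input is constructed, not a real policy.

Add-Type -AssemblyName System.Security

function Test-CiPolicySigned {
    param([Parameter(Mandatory)] [byte[]] $Bytes)
    $cms = New-Object System.Security.Cryptography.Pkcs.SignedCms
    try {
        $cms.Decode($Bytes)              # throws on anything that is not CMS SignedData
        $cert = $null
        if ($cms.Certificates.Count -gt 0) { $cert = $cms.Certificates[0] }   # embedded signer, if any
        $subject = '(no embedded certificate)'
        $thumb   = $null
        if ($cert) { $subject = $cert.Subject; $thumb = $cert.Thumbprint }
        [pscustomobject]@{ Signed = $true; Signer = $subject; Thumbprint = $thumb }
    } catch {
        [pscustomobject]@{ Signed = $false; Signer = $null; Thumbprint = $null }
    }
}

function Get-CiPolicyInventory {
    param([string] $CodeIntegrityRoot = (Join-Path $env:windir 'System32\CodeIntegrity'))
    $files = @()
    $files += Get-ChildItem -Path $CodeIntegrityRoot -Filter '*.p7b' -File -ErrorAction SilentlyContinue
    $files += Get-ChildItem -Path (Join-Path $CodeIntegrityRoot 'CiPolicies\Active') -Filter '*.cip' -File -ErrorAction SilentlyContinue
    foreach ($f in $files) {
        $state = Test-CiPolicySigned -Bytes ([System.IO.File]::ReadAllBytes($f.FullName))
        [pscustomobject]@{
            File   = $f.FullName
            Size   = $f.Length
            Signed = $state.Signed
            Signer = $state.Signer
        }
    }
}

# Constructed demo input: arbitrary bytes, which are not CMS and so report Signed = False.
Test-CiPolicySigned -Bytes ([byte[]](1..32))

# On the device itself (elevated prompt): every base policy present and whether it is signed.
Get-CiPolicyInventory | Format-Table -AutoSize
```

Run on a device that is still booting, the inventory shows whether any base policy is unsigned while a signed base policy that lacks the "Unsigned System Integrity Policy" option is about to be applied; that combination is exactly the one the accepted answer describes.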


2 additional answers

  1. Teemo Tang 11,351 Reputation points
    2021-05-12T02:10:21.613+00:00

    You may need to consult with Dell firmware support for an idea, what operations should be done on WDAC policy side to adapt their product, and vice versa.
    Besides, due to limited conditions the Q&A forum can’t reproduce your scenario for testing or remote assistance; you could open a request with Microsoft for deep research on WDAC deployment.
    Support for business (microsoft.com)
    https://support.serviceshub.microsoft.com/supportforbusiness

    -------------------------------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


  2. Teemo Tang 11,351 Reputation points
    2021-05-13T01:46:56.663+00:00

    “does WDAC require the PK or KEK public certs (or a cert in that chain) to allow Secure Boot to run successfully”
    Yes, I think it is required.
    WDAC policies enforce kernel mode drivers; it is important that they be thoroughly tested on each software and hardware configuration before being enforced and signed. Signed WDAC policies are validated in the pre-boot sequence by using Secure Boot.

    Firmware: Securing Boot Configuration and Management
    • Required BIOS capabilities: Ability of OEM to add ISV, OEM, or Enterprise Certificate in Secure Boot DB at manufacturing time.
    • Required configurations: Microsoft UEFI CA must be removed from Secure Boot DB. Support for 3rd-party UEFI modules is permitted but should leverage ISV-provided certificates or OEM certificate for the specific UEFI software.
    Deployment guidelines for Windows Defender Device Guard (Windows 10) - Windows security | Microsoft Learn
    https://learn.microsoft.com/en-us/windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity#additional-security-qualifications-starting-with-windows-10-version-1607-and-windows-server-2016

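The answer above turns on what is in the firmware's Secure Boot DB, KEK and PK, which the asker could only inspect as raw bytes from a BIOS export. Those variables all use the UEFI EFI_SIGNATURE_LIST layout, so they can be parsed into certificate subjects and hashes directly from Windows. The script below is an added example for this thread, not Microsoft's or Dell's tooling; it reads each variable with the SecureBoot module's Get-SecureBootUEFI cmdlet (elevated prompt) and walks the signature lists. The one-entry list it builds for the offline demo is constructed data, not a real db entry.

```powershell
# Added example (not from the thread): parse Secure Boot PK/KEK/db contents.
# Assumes Get-SecureBootUEFI from the SecureBoot module; the demo list built
# by New-ConstructedSha256List is constructed data.

function ConvertFrom-EfiSignatureList {
    param([Parameter(Mandatory)] [byte[]] $Bytes)
    $x509Type   = [guid]'a5c059a1-94e4-4aa7-87b5-ab155c2bf072'   # EFI_CERT_X509_GUID
    $sha256Type = [guid]'c1c41626-504c-4092-aca9-41f936934328'   # EFI_CERT_SHA256_GUID
    $offset = 0
    while ($offset + 28 -le $Bytes.Length) {
        # EFI_SIGNATURE_LIST header: type GUID, list size, signature header size, per-entry size
        $type     = New-Object System.Guid -ArgumentList (,[byte[]]$Bytes[$offset..($offset + 15)])
        $listSize = [BitConverter]::ToUInt32($Bytes, $offset + 16)
        $hdrSize  = [BitConverter]::ToUInt32($Bytes, $offset + 20)
        $sigSize  = [BitConverter]::ToUInt32($Bytes, $offset + 24)
        if ($listSize -lt 28 -or $sigSize -le 16 -or $offset + $listSize -gt $Bytes.Length) {
            throw "Malformed EFI_SIGNATURE_LIST at offset $offset"
        }
        $pos = $offset + 28 + $hdrSize
        $end = $offset + $listSize
        while ($pos + $sigSize -le $end) {
            # EFI_SIGNATURE_DATA: 16-byte owner GUID followed by the certificate or hash
            $owner = New-Object System.Guid -ArgumentList (,[byte[]]$Bytes[$pos..($pos + 15)])
            $data  = [byte[]]$Bytes[($pos + 16)..($pos + $sigSize - 1)]
            if ($type -eq $x509Type) {
                $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$data)
                [pscustomobject]@{ Kind = 'X509'; Owner = $owner; Subject = $cert.Subject; Issuer = $cert.Issuer; Thumbprint = $cert.Thumbprint; NotAfter = $cert.NotAfter }
            } elseif ($type -eq $sha256Type) {
                [pscustomobject]@{ Kind = 'SHA256'; Owner = $owner; Subject = ([BitConverter]::ToString($data) -replace '-'); Issuer = $null; Thumbprint = $null; NotAfter = $null }
            } else {
                [pscustomobject]@{ Kind = $type.ToString(); Owner = $owner; Subject = "($($data.Length) bytes)"; Issuer = $null; Thumbprint = $null; NotAfter = $null }
            }
            $pos += $sigSize
        }
        $offset = $end
    }
}

function New-ConstructedSha256List {
    # Builds one EFI_SIGNATURE_LIST holding a single SHA-256 entry (constructed demo data).
    $type     = ([guid]'c1c41626-504c-4092-aca9-41f936934328').ToByteArray()
    $owner    = ([guid]'11111111-2222-3333-4444-555555555555').ToByteArray()
    $hash     = [byte[]](1..32)
    $sigSize  = [uint32](16 + $hash.Length)   # owner GUID + hash
    $listSize = [uint32](28 + $sigSize)       # header + one entry, no signature header
    [byte[]]($type + [BitConverter]::GetBytes($listSize) + [BitConverter]::GetBytes([uint32]0) +
             [BitConverter]::GetBytes($sigSize) + $owner + $hash)
}

# Offline demo on the constructed list: one SHA256 entry, hash 0102...20.
ConvertFrom-EfiSignatureList -Bytes (New-ConstructedSha256List) | Format-Table Kind, Subject

# Live firmware variables (elevated prompt); PK, KEK and db all share this format.
foreach ($name in 'PK', 'KEK', 'db') {
    try {
        $var = Get-SecureBootUEFI -Name $name
        ConvertFrom-EfiSignatureList -Bytes $var.Bytes |
            Select-Object @{ n = 'Variable'; e = { $name } }, Kind, Subject, Thumbprint |
            Format-Table -AutoSize
    } catch {
        Write-Warning "Could not read $name`: $_"
    }
}
```

The output gives, per variable, the certificate subjects and hashes the firmware will trust at boot, including the OEM entries the asker saw only as bytes, with thumbprints that can be compared against the certificate used to sign the WDAC policy. Reading the variables is harmless; writing them is a separate operation this script does not perform.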