Configuration profile problem - Microsoft Defender Application Control

Justus Feldhaus 1 Reputation point
2021-09-30T14:05:18.803+00:00

Hi there,

I was testing around with the "Application control code integrity policies" in Microsoft Defender Application Control in Endpoint protection.

After deployment, I realized, that the policy corrupts certain MSI and win32 apps deployed via Endpoint Manager.

After disabling the option again, everything stayed the same for every user. So the programs stay corrupted, even though the application guard isn't active anymore. Any suggestions?

Things I checked:

  • Policy with Application guard disabled again is already synced to the devices
  • Tried to reinstall one of the corrupted applications to no effect
  • Checked local policies via gpedit.msc command. Nothing is configured
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,811 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,191 Reputation points Microsoft Employee
    2021-09-30T21:03:13+00:00

    Are you referring to App Control or App Guard? They are two different mechanisms used for two different purposes but you've called them both out in your post.

    Also, what does "corrupts certain MSI and win32 apps" mean exactly, in technical terms?

    0 comments No comments