From 2ba0d7d509f722ec581191c1539335a1ec36049b Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Tue, 12 Jul 2022 16:29:20 -0700 Subject: [PATCH] editorial revision --- ...s-defender-application-control-with-dynamic-code-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md index 3720558b80..b00d8dca38 100644 --- a/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md +++ b/windows/security/threat-protection/windows-defender-application-control/use-windows-defender-application-control-with-dynamic-code-security.md @@ -24,7 +24,7 @@ Historically, Windows Defender Application Control (WDAC) has restricted the set Security researchers have found that some .NET applications may be used to circumvent those controls by using .NET’s capabilities to load libraries from external sources or generate new code on the fly. Beginning with Windows 10, version 1803, or Windows 11, Windows Defender Application Control features a new capability, called *Dynamic Code Security* to verify code loaded by .NET at runtime. -When the Dynamic Code Security option is enabled, WDAC policy is applied to libraries that .NET loads from external sources (any non-local sources, such as Internet or network share). +When the Dynamic Code Security option is enabled, Application Control policy is applied to libraries that .NET loads from external sources. For example, any non-local sources, such as the internet or a network share. Additionally, it detects tampering in code generated to disk by .NET and blocks loading code that has been tampered with.