diff --git a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md index d0713d7bee..4dc97c59a6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md @@ -41,7 +41,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power > [!NOTE] > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. - For more information on the issue, see the [AppId Tagging Known Issues page](./known-issues-appid-tagging-policies.md). + For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#Slow-boot-and-performance-with-custom-policies). 2. Set the following rule-options using the Wizard toggles: diff --git a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md deleted file mode 100644 index a620de5fe8..0000000000 --- a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md +++ /dev/null @@ -1,45 +0,0 @@ ---- -title: Known Issues with Windows Defender Application Control AppId Tagging Policies -description: Issues known to Microsoft with Windows Defender Application Control AppId tagging policies. -keywords: security, malware -ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb -ms.prod: windows-client -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -audience: ITPro -author: jgeurten -ms.reviewer: jsuther1974 -ms.author: jogeurte -manager: justher -ms.date: 05/26/2023 -ms.technology: itpro-security -ms.topic: article ---- - -# WDAC AppId Tagging Policies Known Issues - -**Applies to:** - -- Windows 10 -- Windows 11 -- Windows Server 2022 and above - - -This article covers tips and mitigations for known issues with Windows Defender Application Control (WDAC) AppId Tagging Policies. Test this configuration in your lab before enabling it in production. - -## Known Issues - -### Slow Boot and Performance Regressions - -If the AppId Tagging Policy wasn't built off the WDAC base templates or doesn't allow the Windows in-box signers, you'll notice a significant increase in boot times (~2 minutes). - -If you can't allowlist the Windows signers, or build off the WDAC base templates, it is strongly recommended to add the following rule to your policies to improve the performance: - -![Allow all DLLs in the policy.](../images/appid-DLL-rule.png) - -![Allow all DLLs in the policy.](../images/appid-DLL-rule-xml.png) - - -Since AppId Tagging policies evaluate but can't tag DLLs, this rule will short circuit DLL evaluation and improve evaluation performance. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md.bak b/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md.bak deleted file mode 100644 index 80a647bc69..0000000000 --- a/windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md.bak +++ /dev/null @@ -1,44 +0,0 @@ ---- -title: Known Issues with Windows Defender Application Control AppId Tagging Policies -description: Issues known to Microsoft with Windows Defender Application Control AppId tagging policies. -keywords: security, malware -ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb -ms.prod: windows-client -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -audience: ITPro -author: jgeurten -ms.reviewer: jsuther1974 -ms.author: jogeurte -manager: justher -ms.date: 05/26/2023 -ms.technology: itpro-security -ms.topic: article ---- - -# WDAC AppId Tagging Policies Known Issues - -**Applies to:** - -- Windows 10 -- Windows 11 -- Windows Server 2022 and above - - -This article covers tips and mitigations for known issues with Windows Defender Application Control (WDAC) AppId Tagging Policies. Test this configuration in your lab before enabling it in production. - -## Known Issues - -### Slow Boot and Performance Regressions - -If the AppId Tagging Policy wasn't built off the WDAC base templates or doesn't allow the Windows in-box signers, you'll notice a significant increase in boot times (~2 minutes). - -If you can't allowlist the Windows signers, or build off the WDAC base templates, it is strongly recommended to add the following rule to your policies to improve the performance: - -![Allow all DLLs in the policy.](../images/appid-DLL-rule.png) -![Allow all DLLs in the policy.](../images/appid-DLL-rule-xml.png) - - -Since AppId Tagging policies evaluate but can't tag DLLs, this rule will short circuit DLL evaluation and improve evaluation performance. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.yml b/windows/security/threat-protection/windows-defender-application-control/TOC.yml index 9e4befcbe2..c003b5258e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.yml +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.yml @@ -130,8 +130,6 @@ href: AppIdTagging/deploy-appid-tagging-policies.md - name: Testing and Debugging AppId Tagging Policies href: AppIdTagging/debugging-operational-guide-appid-tagging-policies.md - - name: AppId Tagging Policies Known Issues - href: AppIdTagging/known-issues-appid-tagging-policies.md - name: AppLocker href: applocker\applocker-overview.md items: