deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

PR feedback. moved known issue out of separate topic

Browse Source
This commit is contained in:
Jordan Geurten 2023-06-13 11:31:15 -04:00
parent c6d502f1be
commit 3cf004f185
4 changed files with 1 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/design-create-appid-tagging-policies.md
View File

@ -41,7 +41,7 @@ You can use the Windows Defender Application Control (WDAC) Wizard and the Power
> [!NOTE] > [!NOTE]
> If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates. > If your AppId Tagging Policy does build off the base templates or does not allow Windows in-box processes, you will notice significant performance regressions, especially during boot. For this reason, it is strongly recommended to build off the base templates.
For more information on the issue, see the [AppId Tagging Known Issues page](./known-issues-appid-tagging-policies.md). For more information on the issue, see the [AppId Tagging Known Issue](../operations/known-issues.md#Slow-boot-and-performance-with-custom-policies).
2. Set the following rule-options using the Wizard toggles: 2. Set the following rule-options using the Wizard toggles:

45
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md
View File

@ -1,45 +0,0 @@
---
title: Known Issues with Windows Defender Application Control AppId Tagging Policies
description: Issues known to Microsoft with Windows Defender Application Control AppId tagging policies.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jgeurten
ms.reviewer: jsuther1974
ms.author: jogeurte
manager: justher
ms.date: 05/26/2023
ms.technology: itpro-security
ms.topic: article
---
# WDAC AppId Tagging Policies Known Issues
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2022 and above
This article covers tips and mitigations for known issues with Windows Defender Application Control (WDAC) AppId Tagging Policies. Test this configuration in your lab before enabling it in production.
## Known Issues
### Slow Boot and Performance Regressions
If the AppId Tagging Policy wasn't built off the WDAC base templates or doesn't allow the Windows in-box signers, you'll notice a significant increase in boot times (~2 minutes).
If you can't allowlist the Windows signers, or build off the WDAC base templates, it is strongly recommended to add the following rule to your policies to improve the performance:
![Allow all DLLs in the policy.](../images/appid-DLL-rule.png)
![Allow all DLLs in the policy.](../images/appid-DLL-rule-xml.png)
Since AppId Tagging policies evaluate but can't tag DLLs, this rule will short circuit DLL evaluation and improve evaluation performance.

44
windows/security/threat-protection/windows-defender-application-control/AppIdTagging/known-issues-appid-tagging-policies.md.bak
View File

@ -1,44 +0,0 @@
---
title: Known Issues with Windows Defender Application Control AppId Tagging Policies
description: Issues known to Microsoft with Windows Defender Application Control AppId tagging policies.
keywords: security, malware
ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb
ms.prod: windows-client
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
author: jgeurten
ms.reviewer: jsuther1974
ms.author: jogeurte
manager: justher
ms.date: 05/26/2023
ms.technology: itpro-security
ms.topic: article
---
# WDAC AppId Tagging Policies Known Issues
**Applies to:**
- Windows 10
- Windows 11
- Windows Server 2022 and above
This article covers tips and mitigations for known issues with Windows Defender Application Control (WDAC) AppId Tagging Policies. Test this configuration in your lab before enabling it in production.
## Known Issues
### Slow Boot and Performance Regressions
If the AppId Tagging Policy wasn't built off the WDAC base templates or doesn't allow the Windows in-box signers, you'll notice a significant increase in boot times (~2 minutes).
If you can't allowlist the Windows signers, or build off the WDAC base templates, it is strongly recommended to add the following rule to your policies to improve the performance:
![Allow all DLLs in the policy.](../images/appid-DLL-rule.png)
![Allow all DLLs in the policy.](../images/appid-DLL-rule-xml.png)
Since AppId Tagging policies evaluate but can't tag DLLs, this rule will short circuit DLL evaluation and improve evaluation performance.

2
windows/security/threat-protection/windows-defender-application-control/TOC.yml
View File

@ -130,8 +130,6 @@
href: AppIdTagging/deploy-appid-tagging-policies.md href: AppIdTagging/deploy-appid-tagging-policies.md
- name: Testing and Debugging AppId Tagging Policies - name: Testing and Debugging AppId Tagging Policies
href: AppIdTagging/debugging-operational-guide-appid-tagging-policies.md href: AppIdTagging/debugging-operational-guide-appid-tagging-policies.md
- name: AppId Tagging Policies Known Issues
href: AppIdTagging/known-issues-appid-tagging-policies.md
- name: AppLocker - name: AppLocker
href: applocker\applocker-overview.md href: applocker\applocker-overview.md
items: items: