From 40737c27d67226656309b8bf65e5a2ff6dcb3f18 Mon Sep 17 00:00:00 2001
From: Violet Hansen <spynetgirl@outlook.com>
Date: Fri, 28 Feb 2025 08:46:25 +0200
Subject: [PATCH] Added clarification for Dynamic Code Security

The document suggests using .NET 6 or greater but that simply isn't enough, the application must also be using Native AOT.
---
 .../app-control-for-business/design/appcontrol-and-dotnet.md    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md
index 5a5945c92c..10b1d66910 100644
--- a/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/appcontrol-and-dotnet.md
@@ -18,7 +18,7 @@ To mitigate any performance impact caused when the App Control EA isn't valid or
 
 - Avoid updating the App Control policies often.
 - Run `ngen update` (on all machine architectures) to force .NET to regenerate all NI files immediately after applying changes to your App Control policies.
-- Migrate applications to .NET Core (.NET 6 or greater).
+- Migrate applications to .NET Core (.NET 6 or greater) and enable [Native AOT](https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot).
 
 ## App Control and .NET hardening