diff --git a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
index 23d40c8440..f25bd9c11d 100644
--- a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
@@ -49,7 +49,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
 - texttransform.exe
 - visualuiaverifynative.exe
 - system.management.automation.dll
-- webclnt.dll/davsvc.dll
+- webclnt.dll/davsvc.dll<sup>3</sup>
 - wfc.exe
 - windbg.exe
 - wmic.exe
@@ -62,6 +62,8 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
 
 <sup>2</sup> If you're using your reference system in a development context and use msbuild.exe to build managed applications, we recommend that you allow msbuild.exe in your code integrity policies. Otherwise, we recommend that you block msbuild.exe.
 
+<sup>3</sup> If you block WebDAV DLL's, we recommend that you also disable the **WebClient** service using a group policy or MDM policies.
+
 <sup>*</sup> Microsoft recognizes the efforts of people in the security community who help us protect customers through responsible vulnerability disclosure, and extends thanks to the following people:
 
 <br />