From 866d47341e471cab8d31f0352ed10c65238cec54 Mon Sep 17 00:00:00 2001
From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com>
Date: Tue, 28 Jan 2025 10:05:32 -0700
Subject: [PATCH] Update applications-that-can-bypass-appcontrol.md
---
.../design/applications-that-can-bypass-appcontrol.md | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
index 23d40c8440..f25bd9c11d 100644
--- a/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
+++ b/windows/security/application-security/application-control/app-control-for-business/design/applications-that-can-bypass-appcontrol.md
@@ -49,7 +49,7 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
- texttransform.exe
- visualuiaverifynative.exe
- system.management.automation.dll
-- webclnt.dll/davsvc.dll
+- webclnt.dll/davsvc.dll3
- wfc.exe
- windbg.exe
- wmic.exe
@@ -62,6 +62,8 @@ Unless your use scenarios explicitly require them, Microsoft recommends that you
2 If you're using your reference system in a development context and use msbuild.exe to build managed applications, we recommend that you allow msbuild.exe in your code integrity policies. Otherwise, we recommend that you block msbuild.exe.
+3 If you block WebDAV DLL's, we recommend that you also disable the **WebClient** service using a group policy or MDM policies.
+
* Microsoft recognizes the efforts of people in the security community who help us protect customers through responsible vulnerability disclosure, and extends thanks to the following people: