From 873d076dad3e0d4fb32b52fd7f9d8b15a5a46093 Mon Sep 17 00:00:00 2001
From: valemieux <98555474+valemieux@users.noreply.github.com>
Date: Tue, 22 Mar 2022 10:02:22 -0700
Subject: [PATCH] 38569439 - Adding Note Regarding MSIs not being able to be
 allow listed in file path rules

---
 .../select-types-of-rules-to-create.md                         | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
index 146ad43afe..36393e5187 100644
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@@ -141,6 +141,9 @@ You can also use the following macros when the exact volume may vary: `%OSDRIVE%
 > [!NOTE]
 > For others to better understand the WDAC policies that has been deployed, we recommend maintaining separate ALLOW and DENY policies on Windows 10, version 1903 and later.
 
+> [!NOTE]
+> There is currently a bug where MSIs cannot be allow listed in file path rules.
+
 ## More information about hashes
 
 ### Why does scan create four hash rules per XML file?