Fixes to AppLocker topics

2025-05-12 13:27:23 +00:00 · 2023-12-21 15:01:39 -08:00 · 2023-12-21 15:01:39 -08:00 · 8f2f407fd6
commit 8f2f407fd6
parent 5655d38867
3 changed files with 15 additions and 18 deletions
--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only.md
@ -14,7 +14,7 @@ After AppLocker rules are created within the rule collection, you can configure

 When AppLocker policy enforcement mode is set to **Enforce rules**, rules are enforced for the rule collection and all events are logged to the AppLocker event logs for that rule collection. When AppLocker policy enforcement mode is set to **Audit only**, rules are only evaluated but all events generated from that evaluation are written to the AppLocker event logs.

-To create an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To create an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).
+To manage an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To manage an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).

 ## To audit rule collections

--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules.md
@ -15,7 +15,7 @@ This article for IT professionals describes the steps to enable the AppLocker po

 For info about how AppLocker policies are applied within a GPO structure, see [Understand AppLocker rules and enforcement setting inheritance in Group Policy](understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md).

-To create an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To create an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).
+To manage an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To manage an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).

 ## To enable the Enforce rules enforcement setting

--- a/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
+++ b/windows/security/application-security/application-control/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule.md
@ -1,30 +1,27 @@
 ---
 title: Add exceptions for an AppLocker rule
-description: This topic for IT professionals describes the steps to specify which apps can or cannot run as exceptions to an AppLocker rule.
+description: This article for IT professionals describes the steps to specify which apps can or can't run as exceptions to an AppLocker rule.
 ms.localizationpriority: medium
 ms.topic: conceptual
-ms.date: 09/21/2017
+ms.date: 12/21/2023
 ---

 # Add exceptions for an AppLocker rule

->[!NOTE]
->Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the [Windows Defender Application Control feature availability](/windows/security/threat-protection/windows-defender-application-control/feature-availability).
-
-This topic for IT professionals describes the steps to specify which apps can or cannot run as exceptions to an AppLocker rule.
+This article for IT professionals describes the steps to specify which apps can or can't run as exceptions to an AppLocker rule.

 Rule exceptions allow you to specify files or folders to exclude from the rule. For more information about exceptions, see [Understanding AppLocker rule exceptions](understanding-applocker-rule-exceptions.md).

-You can perform this task by using the Group Policy Management Console for an AppLocker policy in a Group Policy Object (GPO) or by using the Local Security Policy snap-in for an AppLocker policy on a local computer or in a security template. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#bkmk-using-snapins).
+To manage an AppLocker policy in a Group Policy Object (GPO), you can perform this task by using the Group Policy Management Console. To manage an AppLocker policy for the local computer or for use in a security template, use the Local Security Policy snap-in. For info how to use these MMC snap-ins to administer AppLocker, see [Administer AppLocker](administer-applocker.md#using-the-mmc-snap-ins-to-administer-applocker).

-**To configure exceptions for a rule**
+## To configure exceptions for a rule

-1.  Open the AppLocker console.
-2.  Expand the rule collection, right-click the rule that you want to configure exceptions for, and then click **Properties**.
-3.  Click the **Exceptions** tab.
-4.  In the **Add exception** box, select the rule type that you want to create, and then click **Add**.
+1. Open the AppLocker console.
+2. Expand the rule collection, right-click the rule that you want to configure exceptions for, and then select **Properties**.
+3. Select the **Exceptions** tab.
+4. In the **Add exception** box, select the rule type that you want to create, and then select **Add**.

-    -   For a publisher exception, click **Browse**, select the file that contains the publisher to exclude, and then click **OK**.
-    -   For a path exception, choose the file or folder path to exclude, and then click **OK**.
-    -   For a file hash exception, edit the file hash rule, and click **Remove**.
-    -   For a packaged apps exception, click **Add** to create the exceptions based on reference app and rule scope.
+    - For a publisher exception, select **Browse**, select the file that contains the publisher to exclude, and then select **OK**.
+    - For a path exception, choose the file or folder path to exclude, and then select **OK**.
+    - For a file hash exception, edit the file hash rule, and select **Remove**.
+    - For a packaged apps exception, select **Add** to create the exceptions based on reference app and rule scope.