added new toc entry

2025-05-14 14:27:22 +00:00 · 2019-05-06 12:43:42 -07:00 · 2019-05-06 12:43:42 -07:00 · cab27d6990
commit cab27d6990
parent 5b121e06fd
3 changed files with 68 additions and 44 deletions
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.md
+++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md
@ -34,6 +34,7 @@
 ### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md)
 ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md)
 ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md)
+### [Windows Defender Application Control improvements in Windows 10 version 1903](windows-defender-application-control-improvements-in-windows-10-version-1903.md)

 ## [AppLocker](applocker\applocker-overview.md) 
 ### [Administer AppLocker](applocker\administer-applocker.md)
--- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md
@ -103,47 +103,3 @@ As part of normal operations, they will eventually install software updates, or

 They could also choose to create a catalog that captures information about the unsigned internal application, then sign and distribute the catalog. Then the internal application could be handled by WDAC policies in the same way as any other signed application. An update to the internal application would only require that the catalog be regenerated, signed, and distributed (no restarts would be required).

-## Path-based rules
-
-Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules.
-
- New-CIPolicy parameters
-  - FilePath: create path rules under path \<path to scan> for anything not user-writeable (at the individual file level)
-    ```console
-    New-CIPolicy -f .\mypolicy.xml -l FilePath -s <path to scan> -u
-    ```
-    Optionally, add -UserWriteablePaths to ignore user writeability
-
-  - FilePathRule: create a rule where filepath string is directly set to value of \<any path string>
-    ```console
-    New-CIPolicyRule -FilePathRule <any path string>
-    ```
-    Useful for wildcards like C:\foo\\*
-
- Usage: same flow as per-app rules
-  ```xml
-  $rules = New-CIPolicyRule …
-  $rules += New-CIPolicyRule …
-  …
-  ```
-  
-  ```console
-  New-CIPolicyRule -f .\mypolicy.xml -u
-  ```
-
- Wildcards supported:
-  Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe)
-  - One or the other, not both at the same time
-  - Does not support wildcard in the middle (ex. C:\\*\foo.exe)
-  - Examples:
-    - %WINDIR%\\...
-    - %SYSTEM32%\\...
-    - %OSDRIVE%\\...
-
- Disable default FilePath rule protection of enforcing user-writeability
-  For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy:
-  ```console
-  Set-RuleOption -o 18 .\policy.xml
-  ```
-
-
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md
@ -0,0 +1,67 @@
+---
+title: Windows Defender Application Control improvements in Windows 10 version 1903 (Windows 10)
+description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core.
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: jsuther1974
+ms.date: 05/06/2018
+---
+
+# Windows Defender Application Control improvements in Windows 10 version 1903 
+
+**Applies to:**
+
+-   Windows 10
+-   Windows Server 2016
+
+## Path-based rules
+
+Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules.
+
+- New-CIPolicy parameters
+  - FilePath: create path rules under path \<path to scan> for anything not user-writeable (at the individual file level)
+    ```console
+    New-CIPolicy -f .\mypolicy.xml -l FilePath -s <path to scan> -u
+    ```
+    Optionally, add -UserWriteablePaths to ignore user writeability
+
+  - FilePathRule: create a rule where filepath string is directly set to value of \<any path string>
+    ```console
+    New-CIPolicyRule -FilePathRule <any path string>
+    ```
+    Useful for wildcards like C:\foo\\*
+
+- Usage: same flow as per-app rules
+  ```xml
+  $rules = New-CIPolicyRule …
+  $rules += New-CIPolicyRule …
+  …
+  ```
+  
+  ```console
+  New-CIPolicyRule -f .\mypolicy.xml -u
+  ```
+
+- Wildcards supported:
+  Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe)
+  - One or the other, not both at the same time
+  - Does not support wildcard in the middle (ex. C:\\*\foo.exe)
+  - Examples:
+    - %WINDIR%\\...
+    - %SYSTEM32%\\...
+    - %OSDRIVE%\\...
+
+- Disable default FilePath rule protection of enforcing user-writeability
+  For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy:
+  ```console
+  Set-RuleOption -o 18 .\policy.xml
+  ```
+
+## Multiple Policies
+
+Beginning with Windows 10 vesion 1903, WDAC supportd multiple code integrity policies for one device. 
+
+