diff --git a/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule-xml.png b/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule-xml.png
index 1a54fd222d..d22c3c4d73 100644
Binary files a/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule-xml.png and b/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule-xml.png differ
diff --git a/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule.png b/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule.png
index af1c6e2d44..948b522787 100644
Binary files a/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule.png and b/windows/security/threat-protection/windows-defender-application-control/images/appid-DLL-rule.png differ
diff --git a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
index a9c0d42e86..d6b4a4771c 100644
--- a/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
+++ b/windows/security/threat-protection/windows-defender-application-control/operations/known-issues.md
@@ -95,3 +95,6 @@ As a workaround, download the MSI file and run it locally:
 ```console
 msiexec –i c:\temp\Windows10_Version_1511_ADMX.msi  
 ```
+### Slow boot and performance with custom policies
+
+WDAC will evaluate all running processes, including inbox Windows processes. If policies don't build off the WDAC templates or don't trust the Windows signers, you'll see slower boot times, degraded performance and possibly boot issues. For these reasons, it's strongly recommended to build off the [WDAC base templates](../example-wdac-base-policies.md). 
\ No newline at end of file