From ed1ad85f37ad0bd02e8aa1bf8bd1162ca067f4fc Mon Sep 17 00:00:00 2001 From: timbrigham-onecall <75033503+timbrigham-onecall@users.noreply.github.com> Date: Wed, 6 Jul 2022 16:28:43 -0400 Subject: [PATCH] Update deploy-multiple-windows-defender-application-control-policies.md Add some details surrounding issues and what happens on exceeding the 32 policy limit. --- ...ltiple-windows-defender-application-control-policies.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 37126d5855..d845cb7d44 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -113,3 +113,10 @@ See [ApplicationControl CSP](/windows/client-management/mdm/applicationcontrol-c > [!NOTE] > WMI and GP do not currently support multiple policies. Instead, customers who cannot directly access the MDM stack should use the [ApplicationControl CSP via the MDM Bridge WMI Provider](/windows/client-management/mdm/applicationcontrol-csp#powershell-and-wmi-bridge-usage-guidance) to manage Multiple Policy Format Windows Defender Application Control policies. + +### Known Issues in Multiple Policy Format + +* If the maximum number of policies is exceeded, the device may bluescreen referencing ci.dll with a bug check value of 0x0000003b. +* If policies are loaded without requiring a reboot such as `PS_UpdateAndCompareCIPolicy` will still count towards this limit. +* This may pose an especially large challenge if the value of `{PolicyGUID}.cip` changes between releases. This may result in a long window between a change and the resultant reboot. +