Alekhya Jupudi 200f30988f Defender App Guard Link text correction-03
Change to Learn more about the Windows Defender Application Control feature availability
2021-09-30 11:35:44 +05:30


title: DLL rules in AppLocker (Windows)
description: This topic describes the file formats and available default rules for the DLL rule collection.
ms.assetid: a083fd08-c07e-4534-b0e7-1e15d932ce8f
ms.reviewer:
ms.author: dansimp
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 09/21/2017
ms.technology: mde

DLL rules in AppLocker

Applies to

  • Windows 10
  • Windows 11
  • Windows Server 2016 and above

Note

Some capabilities of Windows Defender Application Control are only available on specific Windows versions. Learn more about the Windows Defender Application Control feature availability.

This topic describes the file formats and available default rules for the DLL rule collection.

AppLocker defines DLL rules to include only the following file formats:

  • .dll
  • .ocx

The following table lists the default rules that are available for the DLL rule collection.

| Purpose | Name | User | Rule condition type |
|---|---|---|---|
| Allows members of the local Administrators group to run all DLLs | (Default Rule) All DLLs | BUILTIN\Administrators | Path: * |
| Allow all users to run DLLs in the Windows folder | (Default Rule) Microsoft Windows DLLs | Everyone | Path: %windir%\* |
| Allow all users to run DLLs in the Program Files folder | (Default Rule) All DLLs located in the Program Files folder | Everyone | Path: %programfiles%\* |

Important

If you use DLL rules, a DLL allow rule has to be created for each DLL that is used by all of the allowed apps.

Caution

When DLL rules are used, AppLocker must check each DLL that an app loads. Therefore, users may experience a reduction in performance if DLL rules are used.
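
The following added example (not part of the original topic) shows one way to find the DLLs that the Important note refers to before turning on enforcement: it tests every .dll and .ocx file an allowed app ships against a policy that contains only the three default DLL rules. The rule Ids are constructed GUIDs and `C:\Apps\Contoso` is a hypothetical install folder; both are assumptions.

```powershell
# Constructed policy holding only the three default DLL rules from the table above.
# Rule Ids are constructed GUIDs; the SIDs are BUILTIN\Administrators and Everyone.
$policyXml = @'
<AppLockerPolicy Version="1">
  <RuleCollection Type="Dll" EnforcementMode="AuditOnly">
    <FilePathRule Id="11111111-1111-1111-1111-111111111111" Name="(Default Rule) All DLLs"
                  Description="" UserOrGroupSid="S-1-5-32-544" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="22222222-2222-2222-2222-222222222222" Name="(Default Rule) Microsoft Windows DLLs"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%WINDIR%\*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="33333333-3333-3333-3333-333333333333"
                  Name="(Default Rule) All DLLs located in the Program Files folder"
                  Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
'@

# Test-AppLockerPolicy -XmlPolicy expects a file path, so write the policy to disk.
$policyFile = Join-Path $env:TEMP 'default-dll-rules.xml'
Set-Content -Path $policyFile -Value $policyXml -Encoding UTF8

# Hypothetical allowed app installed outside the Windows and Program Files folders.
$appDir = 'C:\Apps\Contoso'

# DLL rules cover only .dll and .ocx files, so collect exactly those.
$dllPaths = Get-ChildItem -Path $appDir -Recurse -File -Include *.dll, *.ocx |
    Select-Object -ExpandProperty FullName

# Evaluate each file as a standard user (Everyone) and keep the ones that
# no allow rule covers. Each of these needs its own DLL allow rule.
$uncovered = $dllPaths |
    Test-AppLockerPolicy -XmlPolicy $policyFile -User Everyone -Filter Denied, DeniedByDefault

$uncovered | Select-Object FilePath, PolicyDecision, MatchingRule | Format-Table -AutoSize
"{0} of {1} DLL/OCX files are not covered by the default rules." -f
    @($uncovered).Count, @($dllPaths).Count
```

To test against the rules actually deployed on a machine, pipe `Get-AppLockerPolicy -Effective` into `Test-AppLockerPolicy` instead of passing `-XmlPolicy`.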