
Microsoft’s Windows 11 24H2 Update Faces Criticism Over AppLocker Issues
Last week, Microsoft announced the general availability of Windows 11 24H2, prompting users to download the latest feature update. However, this rollout has not been without controversy, as several significant issues have emerged. Users have reported major upgrade-related bugs and performance slowdowns, raising concerns about potential data loss.
Challenges with AppLocker Deployment
In 2023, Microsoft simplified the deployment of AppLocker, a security feature designed to help enterprises manage application access. Yet, the implementation appears to have seen inadequate testing for the 2024-2025 cycles, resulting in substantial vulnerabilities.
Understanding AppLocker and Its Importance
AppLocker provides application control by defining policies that restrict which files and applications users can execute on their systems. These policies cover various file types, including EXE files, scripts, Windows Installer packages, DLL files, and packaged applications.
User Reports Highlight Security Flaw
The issue first gained attention when a user, CFou, reported on Stack Exchange that the ConstrainedLanguage mode within PowerShell was not functioning correctly. Instead of enforcing restrictions, the session defaulted to FullLanguage. Another contributor confirmed that this malfunction was replicable on Windows 11 24H2, particularly raising alarms regarding security, as it allowed potentially harmful scripts to execute without restriction.
Community Insights and Further Investigations
This concern was further echoed by Reddit user hornetfig, who shared similar experiences on the sysadmin subreddit. With a growing number of users reporting the same issue, the potential for exploitation prompted an urgent discussion within the community.
Technical Analysis by Microsoft MVP
Roody Ooms, a Microsoft MVP, conducted an investigation revealing that the problems stemmed from a flawed implementation of the new WldpCanExecuteFile API introduced in PowerShell 7.3. This version replaced the legacy WldpGetLockdownPolicy API that previous releases used to enforce security protocols effectively.
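A quick way for an administrator to check whether a given host and PowerShell session show the symptom described above (AppLocker script rules enforced, yet the session is in FullLanguage). This is an added example, not code from the article or from Roody Ooms' post; the function name Test-AppLockerLanguageMode is made up here, and it assumes the AppLocker module's Get-AppLockerPolicy cmdlet is available on the machine.

```powershell
# Added example: report the PowerShell version, the session's language mode and the
# effective AppLocker "Script" rule collection state, then flag the mismatch seen on 24H2.
# Assumes Get-AppLockerPolicy (AppLocker module) can be loaded in this session.
function Test-AppLockerLanguageMode {
    [CmdletBinding()]
    param()

    $psVersion    = $PSVersionTable.PSVersion
    $languageMode = $ExecutionContext.SessionState.LanguageMode

    # The effective policy merges local and domain AppLocker rules. The "Script" collection
    # governs .ps1 files; when it is enforced, PowerShell is expected to start in ConstrainedLanguage.
    $scriptEnforced = $false
    try {
        $policy = Get-AppLockerPolicy -Effective
        $scriptCollection = $policy.RuleCollections |
            Where-Object { "$($_.RuleCollectionType)" -eq 'Script' }
        if ($scriptCollection -and "$($scriptCollection.EnforcementMode)" -eq 'Enabled') {
            $scriptEnforced = $true
        }
    } catch {
        Write-Verbose "Could not read the effective AppLocker policy: $_"
    }

    # Symptom reported on Windows 11 24H2 with PowerShell 7.3+: rules enforced, session still FullLanguage.
    $mismatch = $scriptEnforced -and ("$languageMode" -ne 'ConstrainedLanguage')

    [pscustomobject]@{
        PSVersion           = $psVersion
        LanguageMode        = $languageMode
        ScriptRulesEnforced = $scriptEnforced
        EnforcementMismatch = $mismatch
    }
}

$result = Test-AppLockerLanguageMode
$result | Format-List
if ($result.EnforcementMismatch) {
    Write-Warning "AppLocker script rules are enforced but this session is $($result.LanguageMode); see PowerShell issue #24912."
}
```

Run it from the PowerShell 7.x build in use (not only Windows PowerShell 5.1) on an affected host, since the page attributes the regression to the WldpCanExecuteFile path introduced in 7.3.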
Microsoft’s Acknowledgment and Planned Fixes
Recognizing the implications of this security flaw, Microsoft is actively working on a resolution. The upcoming PowerShell 7.6-preview.4 version will include a significant fix as part of its Engine Improvements:
Fallback to AppLocker after WldpCanExecuteFile (#24912)
Further Information
For individuals seeking more technical insights into this ongoing issue, Roody Ooms has provided additional details in his comprehensive blog post here.
For more updates on this matter, refer to this source.