Applocker is not present in Pro, since windows 8, only on Enterprise and Education. btw, one of the best features that 7 have.
Anybody on home edition? Can you try this tweak? I am lazy to setup +1 VM. Code: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\SystemCertificates] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Appx] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Appx\32095775-5197-4f30-8cd8-990a7f2be3b7] "Value"="<FilePublisherRule Id=\"32095775-5197-4f30-8cd8-990a7f2be3b7\" Name=\"Microsoft.Windows.ContentDeliveryManager, from Microsoft Corporation\" Description=\"\" UserOrGroupSid=\"S-1-1-0\" Action=\"Deny\"><Conditions><FilePublisherCondition PublisherName=\"CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US\" ProductName=\"Microsoft.Windows.ContentDeliveryManager\" BinaryName=\"*\"><BinaryVersionRange LowSection=\"*\" HighSection=\"*\"/></FilePublisherCondition></Conditions></FilePublisherRule>" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Dll] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Exe] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Msi] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}Machine\Software\Policies\Microsoft\Windows\SrpV2\Script] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Group Policy Objects\{250FEABB-7D5C-4556-8753-B62A66E5858B}User]
I just installed pro on a VM, and you are right!. No, I dont use w$ Applocker is one of the best things that w$ has. Good to know pro have it.
This doesn't seem to have any effect on my W10 Pro 1607. While I can configure the options, they don't seem to do anything, the Application Identity process is set to manual start and cannot be edited (access denied), there are no event log entries for any blocked apps, only ones telling me I have the wrong sku for Applocker. Has this been tested *without* the firewall rule? Sadly the contentdelivery registry key also gets reset by the initial user creation process, no matter what is set in the default profile, so I'm running out of things to try, I will have a go with the firewall rule next though.
Hmmm? Have to test this some more, and ya, go with the firewall solution. Don't know if it has to do with the fact that a user actually never interacts with contentdeliverymanager, but it does it thing in the background(So to speak), hence applocker has nothing to prevent it from?