Dian Hartono jvintzel I'm in the same situation as MikeH; a group policy doesn't help for situations where ms-appinstaller is not being used on domain-managed PCs.
In our case, we use ms-appinstaller with a signed binary using an extended validation code signing certificate (which we paid over $3000 to receive) to distribute a vertical market app outside of the MSStore. This is because our app, while not an enterprise app, is not a 'public' app per se. In our case it's a security-critical medical device application which is installed in combination with specialty hardware.
I was disappointed to have our app, which was distributed and signed using best recommended policies for Windows apps, get lumped in and swept up with this security vulnerability. Is appx so fundamentally broken that digital signatures are subverted?
Please fix appx. There are scenarios for which neither the MSStore nor group policy is an appropriate distribution channel.