Forum Discussion
lfk73
Jul 28, 2025 Brass Contributor
Why is WDAC blocking everything?
I have a very new Intune\Entra environment I am using for testing. I've spun up a VM of an early version of Windows 10 so I can test deploying updates from Intune.
I also want to test other things but I've hit an issue.
For some reason this freshly Entra joined and Intune onboarded machine is blocking every app from running. Get the error "Your organization used Windows Defender Application Control to block this app".
But I haven't set up any application blocking. I haven't even applied any AV, ASR etc policies.
Could it just be a default thing due to using an older version of Win10? Or something else?
2 Replies
- lfk73, Brass Contributor
Never mind, worked it out. The Intune settings are very intuitive; it was right in front of my face.
Believe reasons below:
- Default WDAC Behavior on Older Windows 10 Builds
  Early versions of Windows 10 (especially pre-1903) don’t handle WDAC policies as gracefully. If your VM is running one of these builds, it may interpret Intune’s default security posture as a full block, even if you haven’t explicitly configured WDAC policies.
- Intune’s App Control for Business Policies
  When a device is onboarded to Intune, it may automatically apply baseline security policies. If the Intune Management Extension isn’t set up as a Managed Installer, apps deployed through Intune won’t be tagged as trusted, and WDAC will block them.
- Signed and Reputable Mode
  Some WDAC base policies use this mode, which blocks all unsigned or untrusted apps by default. If this was silently applied, it could explain the blanket blocking behavior.
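To tell which of the causes listed above applies on a given device, the policy named in the block events is the quickest evidence. The following is an added diagnostic example, not part of the thread: it reads the enforcement status and the CodeIntegrity operational log. The EventData field names (`File Name`, `Process Name`, `PolicyName`, `PolicyID`) are assumed from current Windows builds; on early Windows 10 builds some may be missing, in which case the column is empty.

```powershell
# Added example, not from the thread. Run in an elevated PowerShell session
# on the affected device.

# 1. Is a code integrity policy active? 0 = off, 1 = audit, 2 = enforced.
Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName 'Win32_DeviceGuard' |
    Select-Object CodeIntegrityPolicyEnforcementStatus,
                  UsermodeCodeIntegrityPolicyEnforcementStatus

# 2. Collect recent enforced blocks (3077), audit-only hits (3076) and
#    policy-activation events (3099) from the CodeIntegrity operational log.
$filter = @{
    LogName = 'Microsoft-Windows-CodeIntegrity/Operational'
    Id      = 3076, 3077, 3099
}
$events = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 200 -ErrorAction SilentlyContinue)

# Helper: read one named <Data> field from the event XML ($null if absent).
# Field names are an assumption, see the lead-in.
function Get-EventField {
    param([xml]$EventXml, [string]$Name)
    ($EventXml.Event.EventData.Data |
        Where-Object { $_.Name -eq $Name } |
        Select-Object -First 1).'#text'
}

$rows = foreach ($e in $events) {
    $x = [xml]$e.ToXml()
    [pscustomobject]@{
        Time       = $e.TimeCreated
        Id         = $e.Id
        File       = Get-EventField $x 'File Name'
        Process    = Get-EventField $x 'Process Name'
        PolicyName = Get-EventField $x 'PolicyName'
        PolicyId   = Get-EventField $x 'PolicyID'
    }
}

# 3. Which policy accounts for the blocks? One dominant PolicyName here
#    identifies the policy to look for in the Intune configuration.
$rows | Where-Object Id -eq 3077 |
    Group-Object PolicyName |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# 4. When policies were activated, and the most recent blocked files.
$events | Where-Object Id -eq 3099 | Select-Object TimeCreated, Message | Format-List
$rows | Where-Object Id -eq 3077 | Select-Object -First 20 | Format-Table -AutoSize
```

If step 3 returns nothing while apps are still blocked, check whether the log is empty or has rolled over before concluding that WDAC is not the source of the block.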