Smart App Control

Occasional Visitor

We are having huge problems with the new Smart App Control feature in Windows 11.  With a completely clean installation, with no software installed, Smart App starts popping up warnings that the .NET Runtime Optimization Service (i.e. ngen) has been blocked from loading, wait for it, mscorlib.dll, System.dll, System.Net.dll etc.  Now I'm going to go out on a limb and say that those DLLs are almost certainly signed by Microsoft.

 

So it would appear that before anything else is used, Smart App gives a huge number of false positives (or negatives, depending on your point of view).  This seems to render the whole feature useless.  We're trying to make our app play nicely with Smart App, but if we're stuck at the point where Windows won't even play nicely with itself, there doesn't seem much point in persisting.

 

How serious is Microsoft about this 'feature'?  At present it's pretty much an optional feature of new installations, but if it morphs into being a permanent feature of all installations, then we need a lot more information about how to work with it, beyond the patently false 'just sign your apps'.

0 Replies