WDAC and AppLocker feature availability
- Windows 10
- Windows Server 2016 and above
|Platform support||Available on Windows 10||Available on Windows 8+|
|SKU availability||Cmdlets are available on all SKUs on 1909+ builds.
For pre-1909 builds, cmdlets are only available on Enterprise but policies are effective on all SKUs.
|Policies deployed through GP are only effective on Enterprise devices.
Policies deployed through MDM are effective on all SKUs.
|Per-User and Per-User group rules||Not available (policies are device-wide)||Available on Windows 8+|
|Kernel mode policies||Available on all Windows 10 versions||Not available|
|Per-app rules||Available on 1703+||Not available|
|Managed Installer (MI)||Available on 1703+||Not available|
|Reputation-Based intelligence||Available on 1709+||Not available|
|Multiple policy support||Available on 1903+||Not available|
|Path-based rules||Available on 1903+. Exclusions are not supported. Runtime user-writeability check enforced by default.||Available on Windows 8+. Exclusions are supported. No runtime user-writeability check.|
|COM object configurability||Available on 1903+||Not available|
|Packaged app rules||Available on RS5+||Available on Windows 8+|
|Enforceable file types||