If you are running Windows 11/10 on your computer or laptop and want to disable access to specific applications, this is possible in Windows 11/10. Reasons may be various to strict some apps on your computer like you want to prevent users from launching built-in tools (such as PowerShell and Command Prompt), run scripts, or make unwanted system changes. It may also be happening; you have installed some apps on your PC and don’t want to access someone else. It may also happen, to comply with your organization’s policy, you need to restrict access to some of the best Windows apps.
Whatever the reason it might be, if you want to restrict access to some specific applications on Windows 11/10, it is possible by at least two ways, using Group Policy Editor or Security Policy console.
This post will guide you on the steps to disable access to one or more desktop applications on your computer.
How to disable apps access using Group Policy on Windows 11/10?
To disable access to certain apps on Windows 11/10 with Local Group Policy editor, perform the following steps:-
Step 1. Press
Step 2. Browse for the following path under the Local Group Policy Editor window:-
User Configuration > Administrative Templates > System
Step 3. From the right side pane, double-click the policy “Don’t run specified Windows applications.”
Step 4. “Don’t run specified Windows applications” policy properties will open.
Step 5. Select the
Step 6. Confirm the names of the apps you want to block.
Note: You have to enter the app one per line. Also, you need to specify the “.exe” file extension to block the app. For example, to block Command Prompt, you should add cmd.exe, and powershell.exe will block PowerShell.
Step 7. Click
Step 8. Click
When you try to open the blocked app, you will get an error message, ‘This operation has been canceled due to restrictions in effect on this computer. Please contact your system administrator.”
In case you want to revert the changes, on the above step 5, select the option
Note: If you are running Windows 11/10 Home edition, you have to enable the Group Policy Editor (gpedit.msc) using this guideline.
How to disable apps access using Security Policy?
This is the second option through which you can disable app access on Windows 11/10 PC. To prevent or stop all users from launching specific apps on Windows 11/10 PC, perform the following changes in the Local Security Policy:-
Step 1. Click on the
Step 2. Double-click on the
Step 3. Right-click the
Step 4. Once you click the “New Hash Rule,” a New Hash Rule window will open.
Note: Only select the executable file which you want to block.
Step 6. Click the
Step 7. Click the
Step 8. Click the
Step 9. Finally, restart the computer to take effect the changes.
Once you complete the above steps, all users will no longer be able to launch the specified application. To restrict more apps, you can repeat the steps to block access for other desktop applications.
To allow access to the apps or remove the restriction, delete the entry you have made on step 5 above.
Similarly, you can also restrict access to the Task Manager and Registry.