In Windows 11/10, users have the ability to disable access to certain applications on their computer or laptop. There could be various reasons for wanting to restrict access, such as preventing users from launching built-in tools like PowerShell and Command Prompt, running scripts, making unwanted system changes, or restricting access to certain installed apps. Additionally, some organizations may have policies that require restricting access to certain Windows apps.
Regardless of the reason, there are at least two ways to restrict access to specific applications on Windows 11/10: by using the Group Policy Editor or Security Policy console. This post will provide step-by-step instructions for disabling access to one or more desktop applications on your computer, giving you greater control over how your system is used.
How to disable app access using Group Policy on Windows 11/10?
To disable access to certain apps on Windows 11/10 with the Local Group Policy Editor, perform the following steps:-
Step 1. Press Windows Logo + R keys to open the Run dialog box. Type gpedit.msc and press Enter from the keyboard to launch the Local Group Policy Editor.
Step 2. Browse for the following path under the Local Group Policy Editor window:-
User Configuration > Administrative Templates > System
Step 3. From the right side pane, double-click the policy “Don’t run specified Windows applications.”
Step 4. “Don’t run specified Windows applications” policy properties will open.
Step 5. Select the Enabled option and then click the Show button.
Step 6. Confirm the names of the apps you want to block.
Note: You have to enter the app one per line. Also, you need to specify the “.exe” file extension to block the app. For example, to block Command Prompt, you should add cmd.exe, and powershell.exe will block PowerShell.
Step 7. Click OK.
Step 8. Click Apply and then the OK button.
When you try to open the blocked app, you will get an error message, ‘This operation has been canceled due to restrictions in effect on this computer. Please contact your system administrator.”
In case you want to revert the changes, on the above step 5, select the option Not configured. Restrictions are removed immediately.
Note: If you are running Windows 11/10 Home Edition, you have to enable the Group Policy Editor (gpedit.msc) using this guideline.
How to disable app access using Security Policy?
This is the second option through which you can disable app access on Windows 11/10 PC. To prevent or stop all users from launching specific apps on Windows 11/10 PC, perform the following changes in the Local Security Policy:-
Step 1. Click on the Start button and type Local Security Policy. From the available search results, click on the Local Security Policy.
Step 2. Double-click on the Software Restriction Policies branch to expand it.
Step 3. Right-click the Additional Rules category and select the New Hash Rule option from the drop-down that appears.
Step 4. Once you click the “New Hash Rule,” a New Hash Rule window will open.
Note: Only select the executable file which you want to block.
Step 6. Click the Open button.
Step 7. Click the Apply button.
Step 8. Click the OK button.
Step 9. Finally, restart the computer to take effect the changes.
Once you complete the above steps, all users will no longer be able to launch the specified application. To restrict more apps, you can repeat the steps to block access for other desktop applications.
To allow access to the apps or remove the restriction, delete the entry you have made in Step 5 above.
Similarly, you can also restrict access to the Task Manager and Registry.
Conclusion
In conclusion, Windows 11/10 users have the option to restrict access to specific applications on their computers or laptops for various reasons, such as preventing unauthorized access, adhering to organizational policies, or preventing system changes. This post has provided step-by-step instructions for disabling access to desktop applications using either the Group Policy Editor or the Security Policy console.
By using these methods, users can have greater control over their systems, restrict access to specific applications, and prevent unwanted system changes. These methods can also be useful in organizational settings where policies require certain restrictions to be enforced.
It is important to note that the methods outlined in this post are reversible, and users can remove the restrictions and allow access to the restricted applications at any time. It is also essential to exercise caution and ensure that only the intended applications are being restricted to avoid any unintended consequences.
