Allow users to trust files that open in Windows Defender Application Guard

This policy setting allows you to configure required actions and validations that enable users to trust files that open in Application Guard. Upon successful completion, the files will open on the host.

If you enable this setting, you must select one or more of the following:
0. Do not allow users to manually trust files: Users will not be given the option to trust files.
1. Allow users to manually trust files: Users can open UI in Windows that enables them to explicitly trust selected files.
2. Allow users to manually trust after an antivirus check: Users can open UI in Windows that enables them to explicitly trust selected files. The files are trusted only after they are cleared by the antivirus program that is installed on the user's device.

If you disable or don't configure this setting, users will not be able to trust files that open in Application Guard.

Supported on: Windows 10 Enterprise, Windows 10 Education, or later



Registry HiveHKEY_LOCAL_MACHINE
Registry PathSOFTWARE\Policies\Microsoft\AppHVSI
Value NameFileTrustCriteria
Value TypeREG_DWORD
Default Value0
Min Value0
Max Value2

Configure required actions and validations that must be completed by an end-user to promote an untrusted file and open, view, and edit it on the user's device. 0. Do not allow users to manually trust files 1. Allow users to manually trust files 2. Allow users to manually trust files after an antivirus check


apphvsi.admx

Administrative Templates (Computers)

Administrative Templates (Users)