lunes, 2 de febrero de 2026

Device configuration profile policy appx package

 

Surprisingly, the Bing News application installed on Windows 11 is a way to bypass the internet browsing restrictions on a device with blocking and whitelist policies applied in Intune.

To address this, I wanted to apply the new “Device configuration profile” added in Intune to uninstall default built-in (APPX) applications. However, to my surprise, I found that this policy only applies during a device wipe, fresh start, etc. It does not remove applications once the device is already installed and in use.

To achieve this, I created a remediation script that uninstalls native APPX applications once they are detected.

1. Command that give us the name of the current appx apps in the computer: 

Get-AppxPackage -AllUsers | Format-List -Property Name
* -Allusers requires local admin rights.

2. Array with the name of the apps to remove: 

 Example:

        $PackagesToUninstall = @(

            "Microsoft.BingNews"
            "Microsoft.BingSearch"

        )

3. Detection Script:

$PackagesToUninstall  = @(
     "Microsoft.BingNews"
     "Microsoft.BingSearch"
    
)

$InstalledPackages = Get-AppxPackage -AllUsers | Where {($PackagesToUninstall -contains $_.Name)}

if ($InstalledPackages = $null){

    Exit 0

}else{

    Exit 1603

}
4. Remediation Script:
$PackagesToUninstall= @(
    "Microsoft.BingNews"
    "Microsoft.BingSearch"
    
)

$InstalledPackages = Get-AppxPackage -AllUsers | Where {($PackagesToUninstall -contains $_.Name)}

$ProvisionedPackages = Get-AppxProvisionedPackage -Online | Where {($PackagesToUninstall -contains $_.DisplayName)}

ForEach ($PPackage in $ProvisionedPackages) {

    Write-Host -Object "Removing the provisioned package: [$($PPackage.DisplayName)]..."

    Try {
        $Null = Remove-AppxProvisionedPackage -PackageName $PPackage.PackageName -Online -ErrorAction Stop
        Write-Host -Object "Successfully packaged removed: [$($PPackage.DisplayName)]"
    }
    Catch {Write-Warning -Message "Failed the package: [$($PPackage.DisplayName)]"}
}

ForEach ($AppPackage in $InstalledPackages) {
                                            
    Write-Host -Object "Removing Appx package: [$($AppPackage.Name)]..."

    Try {
        $Null = Remove-AppPackage -Package $AppPackage.PackageFullName -AllUsers -ErrorAction Stop
        Write-Host -Object "Successfully Appx package removed: [$($AppPackage.Name)]"
    }
    Catch {Write-Warning -Message "Failed the Appx package: [$($AppPackage.Name)]"}
}

Publicado por en No hay comentarios:
Etiquetas: , , ,
Suscribirse a: Comentarios (Atom)