The severity is MEDIUM because it does not represent a traditional security vulnerability but rather a configuration issue impacting usability. There's no evidence of unauthorized access or data breach, only functionality impairment.
Built-in Windows apps are being blocked post-domain join, likely due to AppLocker policy misconfiguration or unintended enforcement. This impacts new installations only, affecting system usability for both local and domain administrators.
Affected Systems
- Windows 11
Affected Versions: All versions post-domain join
Remediation
- Review and correct the AppLocker policy settings in Group Policy Management Console (GPMC). Ensure that built-in applications are not being inadvertently blocked by a restrictive rule.
- Check for any recent changes or updates that might have altered system behavior, focusing on security-related policies and configurations.
- Test the application of a new, clean GPO to see if it resolves the issue without impacting other systems.
Stack Impact
This does not directly impact nginx, docker, linux kernel, openssh, curl, openssl, python, or homelab components but affects Windows domain management and policy enforcement.