Some recent information indicated that Microsoft planned to offer a version of Windows 10, called Windows 10 “Cloud” edition, that would lock down application installation to only the Windows Store. Now, it appears that Microsoft is turning on that feature for all Windows 10 versions starting with Creators Update, Windows Central reports.
The feature is managed in the Settings app, specifically in the Apps section that appeared in more recent Windows Insider preview builds. The latest build has a new setting that allows the user to allow apps to be installed from anywhere, to “prefer apps” from the Windows Store but allow apps to be installed from anywhere, and to only allow apps from the Windows Store.
If you turn on the second, less restrictive option, then you will be presented with a dialog asking if you’re sure you want to install a non-Windows Store app. If you have the more restrictive option turned on, then you won’t be able to install a non-Windows Store app. This limits the system to running only Universal Windows Apps, or desktop apps that have been converted to installing via the Windows Store.
The feature requires administrator rights to change and so a user with a standard account could be restricted to only installing Windows Store apps. Even for administrative accounts, however, the feature would provide a security benefit by ensuring that only the more security-conscious Windows Store apps can be installed and thus remove one vector of attack.
Note that existing desktop apps that have already been installed prior to changing the setting will still run. If you want to limit your Windows 10 machine from installing potentially less secure apps, but want to be able to install certain apps that you’re certain are safe, then you can simply toggle the setting, reboot, install your app, and then toggle the safeguard back on.
