25 Windows policies to avoid setting, as told by Microsoft

Windows 11 Tease
Windows 11 Tease (Image credit: Microsoft)

What you need to know

  • Not all Windows policies have a place in the current Windows 11 and 10 landscape.
  • Microsoft has now elaborated on 25 that you should avoid setting.
  • Microsoft's breakdown also includes details such as why you shouldn't set certain policies and what their effects are.

Windows is ever-changing, ever-evolving, and ever-obsoleting its old utilities. Such is the case for 25 Windows policies that used to be cool but are now on Microsoft's naughty list.

Over at the Windows IT Pro blog, aptly named for its content that won't make sense to most people but is certainly useful for IT pros and associated techies, Microsoft's Aria Carley has penned a writeup of 25 Windows policies (opens in new tab) you shouldn't bother setting.

"The Windows update policy set contains policies that no longer have any impact; that don't work as described on devices running Windows 10, version 20H2 or later; or that work but not as well as the policies that were added to accomplish a similar experience in a much better way," the post reads, before diving into the nitty-gritty of which policies you can pass on.

The post also notes that Windows 11 has a dedicated subfolder that clarifies what policies are legacy to help you figure out what's worth your time (and what isn't). You can see the full roundup of policies over at the hyperlinked Windows blog post above. Or, alternatively, take a look at Twitter, wherein Carley has shared a concise breakdown of a few policies worth paying attention to. However, the formal blog post goes into much greater detail and names additional policies (via BleepingComputer).

See more

And in non-policy news, keep an eye on recent Windows updates and changes from Microsoft; the company's cleaning up a ton of bugs including a notorious Outlook Search issue.

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.

  • This is handy, haven't set any of these for myself. But will keep this on hand for future reference.
  • But what does the Admin who still has thousands of W7 and XP machines still running in their Enterprise do?
    (i.e. Me) Simple; Apply WMI filters to those group policies so they do not apply to W10 and W11 systems. Those polices are still required to keep the older systems up to date (if you can't turn them off or upgrade them because of software/hardware dependencies you can't do anything about (Manufacturing issues. It's ALWAYS "Manufacturing Issues". Businesses refuse to give up their cash-cows no matter how big of a security risk they have become and you, as a sys admin must keep the old stuff running and NO, you can't isolate it off in its own security subnets because it has to interface with the Global Enterprise ERP systems (yes, plural).) You would be surprised how many pieces of manufacturing equipment actually have Windows XP system built into them (Environmental Chambers, Testing Equipment, Microscopes, Biological Scanners, Air Conditioning units, Water Filtration systems, etc.) and you must keep those running as new units cost hundreds of thousands of $$$ each and would cause months of downtime to install and calibrate. Especially in 3rd world countries. Also, move to INTUNE to manage your PCs. It's much more granular in its control and much more flexible in handling these older systems and invest in White-List products and lock those manufacturing systems down HARD. No Internet access, no browsing outside the corporate network, no local admin rights, no Office or any other applications, disable USB, CD-ROM, Serial Ports that you can without breaking the app (hot glue the USB ports closed if you have to.)