Microsoft has updated a Windows 11 in-box app removal policy introduced in October to include a dynamic list that lets IT admins choose which preinstalled Store apps to uninstall.
The updated RemoveDefaultMicrosoftStorePackages policy enables admins to remove any preinstalled MSIX/APPX app by referencing its Package Family Name (PFN) using Group Policy Object (GPO) or a custom OMA-URI for mobile device management (MDM).
“IT admins, you can now simplify Microsoft Store app management with dynamic removal on more devices across your enterprise. Use policy to remove any preinstalled MSIX/APPX app by referencing its Package Family Name (PFN),” Microsoft said on Thursday.
To get this new feature, admins must ensure that their devices have at least the April 2026 Windows non-security update deployed. Windows Insiders can get it after installing the March 13, 2026, builds in the Dev and Beta channels.
To make it work using Group Policy, admins have to:
Microsoft has also extended support for the RemoveDefaultMicrosoftStorePackages policy to systems running Enterprise and Education editions of Windows 11 24H2. Microsoft introduced the policy in October 2025, but it was only made available on devices running Windows 11 25H2 or later.
“The updated app removal policy is now extended to Windows 11, version 24H2 Enterprise and Education editions. Originally, you could only use this feature on devices running Windows 11, version 25H2 or newer,” Microsoft added. “If your organization has standardized on the 2024 release, you can benefit from policy-driven app management without a full OS version upgrade.”
The complete list of supported apps and detailed guidance on applying the policy to a single device via the Local Group Policy Editor or to multiple Active Directory-joined devices are available here.
While the Intune entry for this policy does not include the dynamic list option, Microsoft has said it will become available in the coming months.
“When this feature becomes generally available in Intune, search for ‘Remove Default Microsoft Store packages’ in the settings picker to locate it,” it noted.
Earlier this month, Microsoft also announced that IT admins can now uninstall the AI-powered Copilot digital assistant from enterprise devices using the new RemoveMicrosoftCopilotApp policy setting after installing the April 2026 Patch Tuesday cumulative updates.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
Claim Your Spot
