Preinstalled download modification archived

Privacy policy. There are multiple tools which can be used to install an MSIX packaged app to a device for all users:. This article will provide an overview of how preinstalled apps work and how provisioning and licenses work with preinstalled apps. Staging a packaged app to a device, is the act of storing a copy of the packaged app to the local file system.

A packaged app must only be staged once, and can be performed without any user accounts existing on the device. The staging of a packaged app can be performed on an offline image. After a packaged app has been staged, the app can then be registered to users on the device. Registration occurs on a per-user basis, and begins when a user of the device logs on.

The operating system will then load the preinstalled packaged app package creating user specific app data, create file type associations, and app tiles in the start menu.

Dism can be used to service a Windows image. To do provisioning, the IT Pro needs an app package. Brute Force. Password Guessing. Password Cracking. Password Spraying. Credential Stuffing. Credentials from Password Stores.

Securityd Memory. Credentials from Web Browsers. Windows Credential Manager. Password Managers. Exploitation for Credential Access. Forced Authentication. Forge Web Credentials. Web Cookies. SAML Tokens. Input Capture. GUI Input Capture. Web Portal Capture. Credential API Hooking. Network Sniffing. OS Credential Dumping. Security Account Manager. LSA Secrets. Cached Domain Credentials. Proc Filesystem. Steal Application Access Token. Steal or Forge Kerberos Tickets.

Golden Ticket. Silver Ticket. Steal Web Session Cookie. Two-Factor Authentication Interception. Unsecured Credentials. Credentials In Files. Credentials in Registry. Bash History. Private Keys. Group Policy Preferences. Container API. Account Discovery. Email Account.

Application Window Discovery. Browser Bookmark Discovery. Cloud Infrastructure Discovery. Cloud Service Dashboard. Cloud Service Discovery. Cloud Storage Object Discovery. Container and Resource Discovery. Domain Trust Discovery. File and Directory Discovery. Group Policy Discovery. Network Service Scanning. Network Share Discovery. Password Policy Discovery. Peripheral Device Discovery. Permission Groups Discovery. Local Groups. Domain Groups. Cloud Groups.

Process Discovery. Query Registry. Remote System Discovery. Software Discovery. Security Software Discovery. System Information Discovery. System Location Discovery. System Language Discovery.

System Network Configuration Discovery. Internet Connection Discovery. System Network Connections Discovery. System Service Discovery. System Time Discovery. Lateral Movement. Exploitation of Remote Services.

Internal Spearphishing. Lateral Tool Transfer. Remote Service Session Hijacking. SSH Hijacking. RDP Hijacking. Remote Services. Remote Desktop Protocol. Distributed Component Object Model. Windows Remote Management. Taint Shared Content.

Archive Collected Data. Archive via Utility. Archive via Library. Archive via Custom Method. Audio Capture. Automated Collection. Browser Session Hijacking. Clipboard Data. Data from Cloud Storage Object. Data from Configuration Repository. Network Device Configuration Dump. Data from Information Repositories.

Code Repositories. Data from Local System. Data from Network Shared Drive. Data from Removable Media. Data Staged. Local Data Staging. Remote Data Staging. Email Collection. Local Email Collection. Remote Email Collection. Email Forwarding Rule. Screen Capture. Video Capture.

Command and Control. Application Layer Protocol. Web Protocols. File Transfer Protocols. Mail Protocols. Communication Through Removable Media. Data Encoding. Standard Encoding. Non-Standard Encoding. Data Obfuscation. Junk Data. Protocol Impersonation. Dynamic Resolution. Fast Flux DNS. Domain Generation Algorithms. DNS Calculation. Encrypted Channel. Symmetric Cryptography.

Asymmetric Cryptography. Fallback Channels. Ingress Tool Transfer. Multi-Stage Channels. Non-Application Layer Protocol. Non-Standard Port. Protocol Tunneling. Internal Proxy. External Proxy. Multi-hop Proxy. Domain Fronting. Remote Access Software.

Web Service. Dead Drop Resolver. Bidirectional Communication. One-Way Communication. Automated Exfiltration. Traffic Duplication. Data Transfer Size Limits. Exfiltration Over Alternative Protocol. Exfiltration Over C2 Channel. Exfiltration Over Other Network Medium.

Exfiltration Over Bluetooth. Exfiltration Over Physical Medium. Exfiltration over USB. Exfiltration Over Web Service. Exfiltration to Code Repository. Exfiltration to Cloud Storage. Scheduled Transfer. Transfer Data to Cloud Account. Account Access Removal. Data Destruction. Data Encrypted for Impact. Data Manipulation.

Stored Data Manipulation. Transmitted Data Manipulation. Runtime Data Manipulation. Internal Defacement. External Defacement. Disk Wipe. Disk Content Wipe. Disk Structure Wipe. Endpoint Denial of Service. OS Exhaustion Flood. Service Exhaustion Flood. Application Exhaustion Flood. Application or System Exploitation.

Firmware Corruption. Inhibit System Recovery. Network Denial of Service. Direct Network Flood. Reflection Amplification. Resource Hijacking. Service Stop. Deliver Malicious App via Other Means. Exploit via Charging Station or PC.

Exploit via Radio Interfaces. Install Insecure or Malicious Configuration. Lockscreen Bypass. Masquerade as Legitimate Application. Broadcast Receivers. Command-Line Interface. Native Code. Code Injection. Compromise Application Executable. Foreground Persistence. Modify Cached Executable Code. Modify System Partition. Modify Trusted Execution Environment. Device Administrator Permissions. Exploit OS Vulnerability.

Exploit TEE Vulnerability. Application Discovery. Delete Device Data. Device Lockout. Download New Code at Runtime. Evade Analysis Environment. Input Injection. Proxy Through Victim. Suppress Application Icon. Uninstall Malicious Application. User Evasion.

Access Notifications. Access Sensitive Data in Device Logs. Access Stored Application Data. Capture Clipboard Data. Capture SMS Messages. Input Prompt. Network Traffic Capture or Redirection. URI Hijacking. Location Tracking. Exploit Enterprise Resources. Access Calendar Entries. Access Call Log. Access Contact List. Call Control. Capture Audio. Capture Camera. Network Information Discovery. To receive email updates about this page, enter your email address: Email Address.

What's this? Links with this icon indicate that you are leaving the CDC website. Linking to a non-federal website does not constitute an endorsement by CDC or any of its employees of the sponsors or the information and products presented on the website. You will be subject to the destination website's privacy policy when you follow the link. CDC is not responsible for Section compliance accessibility on other federal or private website.

Cancel Continue.