Policy-based removal of pre-installed Microsoft Store apps
Have you ever needed to remove pre-installed Microsoft Store apps? If so, you might have encountered scripts that break when apps change, making your job more time-consuming. Thanks to your feedback, starting this month, you can remove select provisioned in-box apps using straightforward policy on Windows 11 Enterprise or Windows 11 Education, version 25H2. Custom imaging and complex scripts are no longer required.
You’re now more in control of provisioned Microsoft Store apps than ever. Meet the new policy: Remove default Microsoft Store packages from the system.
How the new app management policy works
Here’s what you need to know about this new policy:
* It lets you select from a defined list of preinstalled Microsoft Store apps and remove those apps from Windows 11 Enterprise and Education devices.
* It works with Group Policy or your mobile device management (MDM) solution, including Microsoft Intune.
* This policy is off by default, so you must explicitly enable it.
* Once enabled, enforcement occurs automatically. A cleanup task deprovisions removed packages and local app data is removed from the user’s device.
* The policy is applied to the user’s device during any of the following occasions:
o During the out-of-box experience (OOBE)
o When the user signs in after an operating system (OS) upgrade
o When the user signs in after an update to the policy
* The policy can be used in conjunction with standard Windows provisioning methods, including Windows Autopilot. However, it’s not specific to or dependent on these methods.
Why policy-based removal of apps matters
By using a policy to remove preinstalled Microsoft Store apps, you can:
* Reduce operational overhead. Drop fragile and manual removal scripts and automate operations.
* Create a cleaner, work-ready experience. Provide a Windows experience tailored for your work environment.
Policy availability and applicable apps
The new policy is now available for devices running Windows 11 Enterprise, version 25H2 and Windows 11 Education, version 25H2.
It currently supports removal of the following apps:
* Calculator
* Camera
* Feedback Hub
* Microsoft 365 Copilot
* Microsoft Clipchamp
* Microsoft Copilot (consumer version)
* Microsoft News
* Microsoft Photos
* Microsoft Solitaire Collection
* Microsoft Sticky Notes
* Microsoft Teams
* Microsoft To Do
* MSN Weather
* Notepad
* Outlook for Windows
* Paint
* Quick Assist
* Snipping Tool
* Sound Recorder
* Windows Media Player
* Windows Terminal
* Xbox Gaming App
* Xbox Identity Provider
* Xbox Speech to Text Overlay
* Xbox TCUI
The list will be updated as appropriate for future releases.
Enable in-box app removal via policy
This app management policy is available to you via Microsoft Intune settings catalog, configuration service provider (CSP), and Group Policy Object (GPO). To make use of it, you’ll need to enable it and tailor the list of preselected apps to your organization’s requirements. Avoid applying both an Intune and a GPO removal policy to the same device.
Recommended: Configure devices with Microsoft Intune
You can use Microsoft Intune to configure devices with a settings catalog policy or a CSP policy.
* In Microsoft Intune admin center, go to Devices > Manage devices > Configuration > Create > New policy to create a settings catalog policy.
* Use the following settings:
* Category: Administrative Templates\Windows Components\App Package Deployment
* Setting name: Remove default Microsoft Store packages from the system
* Value: Enabled
* Set the toggle to True for each app to remove it.
* Assign the policy to the desired group, or groups, of devices. Note: Intune won’t apply this policy to unsupported devices and will instead show a status of “Not applicable” for those devices.
You can also configure devices with the RemoveDefaultMicrosoftStorePackages CSP policy. This ADMX-backed policy uses an XML payload to specify which apps to remove.
o Set the value of packages to be removed to True. For example,
o Set the value of packages to keep to False. For example,
Use Group Policy
To apply the policy to a single device, use the Local Group Policy Editor. For multiple devices joined to Active Directory, create or edit a GPO and use the following settings:
o Group policy path: Computer Configuration\Administrative Templates\Windows Components\App Package Deployment
o Group policy setting: Remove Default Microsoft Store packages from the system
o Value: Enabled
Select the apps to remove from the provided app list.
One way to double-check that this policy is active is to check registry keys. The registry keys will have configured values under HKLM\SOFTWARE\Policies\Microsoft\Windows\Appx\RemoveDefaultMicrosoftStorePackages.
Customize app availability for your users today
With this new app management policy, you can efficiently deploy changes to the default Microsoft Store apps available on your users’ devices. Empower your organization to be more productive by offering a more tailored user experience. Simplifying device configurations can also help strengthen your security posture and streamline daily operations.
And, if you have been manually removing in-box apps because their versions are out of date, you no longer need to! We’ve solved that problem in the latest versions of Windows 11. Your built-in Microsoft Store apps now come updated out-of-the-box.
Now is the perfect time to deploy Windows 11 Enterprise or Education, version 25H2, and take advantage of this new management capability.
---
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.
