The Package Support Framework (PSF) is one of the most important compatibility tools in the MSIX ecosystem. It lets legacy desktop applications run inside MSIX by placing a launcher and runtime layer in front of the application, applying fixups, and optionally running PowerShell scripts before or after the app runs.

That flexibility raises a governance question our R&D set out to answer: how much additional user and operational risk does PSF introduce, especially in Azure Virtual Desktop App Attach environments? The result is a new defensive security analysis by Ryan Mangan, CITP FBCS, published openly under a Creative Commons CC BY 4.0 licence.

What the paper finds

PSF is not inherently unsafe, but it should be treated as a trusted, full-trust compatibility layer rather than a routine packaging default. A controlled positive test confirmed that PSF start scripts do execute under interactive activation, while non-interactive automation under-reported them. The practical warning for delivery teams: a clean install and launch is not evidence that a configured script actually ran.

The highest risks are script governance, broad full-trust desktop scope, fixup behaviour that is hard to inspect after deployment, supply-chain injection before a package is signed, and App Attach launch-time sensitivity.

The recommended position is evidence-based use: prefer native MSIX first, add PSF only where runtime evidence proves it is needed, sign and inventory every PSF binary, treat scripts as managed code, protect the signing and packaging pipeline, and validate App Attach behaviour on production-equivalent hosts.
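One way to act on "sign and inventory every PSF binary" and "treat scripts as managed code" is to enumerate, hash and signature-check everything PSF brings into a staged package before it is signed. The script below is an added example, not code from the paper or from EtherApps Forge; it assumes an unpacked package folder, that PSF binaries can be recognised by file-name pattern (PsfLauncher*, PsfRuntime*, PsfRunDll*, *Fixup*.dll), and that the PSF config.json in the package root uses the documented "applications" array with optional "startScript"/"endScript" entries.

```powershell
# Added example: inventory PSF binaries and configured scripts in an unpacked MSIX folder.
# Assumptions (not from the paper): file-name patterns for PSF binaries, and a
# config.json at the package root with applications[].startScript / endScript.
param(
    [Parameter(Mandatory)] [string] $PackageRoot
)

$root     = (Resolve-Path -Path $PackageRoot).Path
$patterns = 'PsfLauncher*.exe', 'PsfRuntime*.dll', 'PsfRunDll*.exe', '*Fixup*.dll'

# 1. Every PSF binary: hash and Authenticode status, so the set can be pinned in an inventory
#    and an unsigned or tampered launcher/runtime is visible before the package is signed.
Get-ChildItem -Path $root -Recurse -File -Include $patterns | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.FullName
    [pscustomobject]@{
        Item      = 'PsfBinary'
        Path      = $_.FullName.Substring($root.Length).TrimStart('\')
        SHA256    = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
        Signature = $sig.Status            # Valid, NotSigned, HashMismatch, ...
        Signer    = $sig.SignerCertificate.Subject
    }
}

# 2. Every script PSF is configured to run at start or end, hashed and signature-checked
#    so it can be reviewed and change-controlled like any other managed code.
$configPath = Join-Path -Path $root -ChildPath 'config.json'
if (Test-Path -Path $configPath) {
    $config = Get-Content -Raw -Path $configPath | ConvertFrom-Json
    foreach ($app in $config.applications) {
        foreach ($phase in 'startScript', 'endScript') {
            $script = $app.$phase
            if (-not $script) { continue }
            $scriptFile = Join-Path -Path $root -ChildPath $script.scriptPath
            $present    = Test-Path -Path $scriptFile
            [pscustomobject]@{
                Item      = "$phase (app id: $($app.id))"
                Path      = $script.scriptPath
                SHA256    = if ($present) { (Get-FileHash -Path $scriptFile -Algorithm SHA256).Hash } else { 'MISSING' }
                Signature = if ($present) { (Get-AuthenticodeSignature -FilePath $scriptFile).Status } else { 'MISSING' }
                Signer    = if ($present) { (Get-AuthenticodeSignature -FilePath $scriptFile).SignerCertificate.Subject } else { '' }
            }
        }
    }
}
```

Pipe the output to Export-Csv to keep a per-package record; a later run that shows a new hash, a NotSigned status or a MISSING script is the signal to stop and investigate before signing.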

Read the full research paper.

Part of a wider research programme

This paper is one of several research projects underway across EfficientEther. We publish work like this in the spirit of giving back to the community, and to help customers make informed, evidence-based choices about how their applications are packaged and delivered. More studies will follow.

The packaging and validation in the study were carried out with EtherApps Forge, which captures the real application footprint and recommends the most suitable route across MSIX, MSI, IntuneWin, App Attach, and portable formats, applying PSF fixups only where the evidence shows they are genuinely required.

Explore MSIX packaging and deployment or review agentic application packaging to see how a controlled, evidence-led packaging operation comes together.