From 5f8f15a24c7789585c3780878006c8d0bcb7b25d Mon Sep 17 00:00:00 2001
From: Paul Higinbotham <paulhi@microsoft.com>
Date: Wed, 18 Jan 2023 14:24:34 -0800
Subject: [PATCH] Allow system lock down test debug hook to work with new wldp
 API (fixes system lock down tests) (#18962)

---
 .../security/wldpNativeMethods.cs                             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/System.Management.Automation/security/wldpNativeMethods.cs b/src/System.Management.Automation/security/wldpNativeMethods.cs
index 730db922a0..a2be725da7 100644
--- a/src/System.Management.Automation/security/wldpNativeMethods.cs
+++ b/src/System.Management.Automation/security/wldpNativeMethods.cs
@@ -110,9 +110,9 @@ namespace System.Management.Automation.Security
         {
             SafeHandle fileHandle = fileStream.SafeFileHandle;
 
-            // First check latest WDAC APIs if available.
+            // First check latest WDAC APIs if available.  Also revert to legacy APIs if debug hook is in effect.
             Exception errorException = null;
-            if (s_wldpCanExecuteAvailable)
+            if (s_wldpCanExecuteAvailable && !s_allowDebugOverridePolicy)
             {
                 try
                 {