It seems KB370118 was just an internal fix number. It has just been released as KB2532445 at http://support.microsoft.com/kb/2532445. The hotfix...
I thought it was interesting to note that Microsoft now warns for this specific situation in this Security Considerations for AppLocker technet...
@Lucy: for a downloaded program to bypass the AppLocker restrictions it needs to be started by an already whitelisted application using the...
I wrote it myself. It was very easy considering I didn't know much VB before I started today. Of course all the credit goes to Didier, I just put...
True, but my point is that all it takes is one rogue/careless whitelisted installer/exe/macro to completely circumvent AppLocker using these...
Could this be related? http://twitter.com/msftsecresponse/statuses/30429733023907840
Personally I can't fathom allowing end users to update applications by themselves and still keeping the desktops secure. But let's assume this is...
Disabling all macro capabilities in all whitelisted applications in order to make AppLocker work the way it is supposed to is not a solution IMHO....
I don't expect much, but we got the CWDIllegalInDllSearch registry entry in the end, didn't we? At the very least a working proof of concept...
Thanks for confirming. Can you do this, and submit it to Microsoft as a way to circumvent AppLocker? This will force them to take this very seriously.
No exploits are needed. I'm pretty sure Didier's proof of concept Excel code can be turned into a generic "run any exe" tool. Why is it that a...
I can agree with this statement about SRP because it is implemented in userland. AppLocker on the other hand is most definitely intended as a...
Have you tried Bit9 Parity and McAfee Application Control? I'd very much like to see this "feature" configurable with a registry setting....
Separate names with a comma.
