AppGuard 4.x 32/64 Bit - Releases

Thanks. I prefer to download a standalone installer though.

 

Appguard updated to v4.4.6.1, no issue so far.

 

https://blueridgenetworks.s3.amazonaws.com/UpdateFolder/AppGuardSetup-4-4-6-1.exe

 

Thanks a lot.

 

I usually download the installer manually to upgrade, but I used the internal updater this time to make sure it was working ok; the upgrade went well.

 

Thank you! I will use the installer to upgrade when I roll my machine back again.

 

Finally... notification of update and required system reboot and no over-write of Publisher's list.

@mood - I would check the wildcard bugs. I cannot replicate. Maybe I am missing something ?

 

@mood - I tried these in Lock Down mode (4.4.6.1):

User Space - Yes

c:\windows\system32\sysprep\sysprep.exe (Blocked)
c:\windows\system32\*\sysprep.exe (Blocked)

Is this particular wildcard bug dependent upon user created folders\sub-folders ?

 

4.4.6.1 still not blocking *.reg script files...

 

even in Lockdown Mode?

 

No blocking even in Lock Down mode. I suppose it got missed or BRN will implement it later - or they might have changed their minds...

 

To make them act it fast, maybe create a benign POC that will show how .reg can be used as a tool of attack, because right now, I think they don't see it as an immediate threat considering that they didn't implement some protection against it.

 

Registry exploits are old as the universe and do plenty of nasty stuff. I wonder why it wasn't implemented from the beginning; but for their defense, a registry script is mostly initiated by an executable...so....

 

They're fully aware of it...

 

Yeah, I know that they're aware of it. But, why on earth did they not implement it? Why is it not one of their top priorities before releasing an update? They fixed some bugs, but not a possible hole in computer's defense.

Unless, as guest's post implies, it's really not an immediate threat to users.

 

I don't know why BRN updates things the way they do... seems a bit scatter-brained to me. Maybe under-staffed...

The people that fix things are limited in what they can do by the "higher-ups." I think there is some internal disagreement about what to fix and what to leave as-is.

I think if it weren't for Barb's efforts, bug fixes would be a lot slower.

It's frustrating as a beta tester -- because most of the bug reports I have seen are things that - if fixed - will make AppGuard a better product.

 

Yeah
Or, they're too focused on corporate things.
Slow responses can also be because of administrative management (i.e. the company's goals, and how it runs).

 

Important: try it without any executable at the end of the User-Space entry (remove sysprep.exe from it)
c:\windows\system32\sysprep <- Ok
c:\windows\*\sysprep <- Fail

---------
"old bug": All user added Ignored Messages gets deleted after an upgrade.
Two upgrades within the last 2 days = 2x deleted Entries. That's annoying

 

Only the Consumer Edition has the "wildcard-feature", but not the Business Edition.
Maybe that's why the wildcard-bug has ultra-low priority for them.

 

Access to Private Folders by any process - including AppGuard processes - will be blocked; it is not a bug but instead by-design.

* * * * *

However, I have seen other AppGuard process blocks reported in the Activity Report.

I reported them to BRN, but did not receive a reply - so I do not know about them.

 

http://imgur.com/vGXF9lB I reported them to BRN. Thanks

 

All programs started in User-Space can't access Private Folders.
And Guarded Apps with Privacy=Yes can't access them.

But AppGuard itself should access Private Folders.
It's in System Space and not Guarded.

 

That should be one of the cases where AppGuard blocks itself or some operations of itself.
It happens randomly to me. And so, reproducing it is difficult.

 

Why would you report it ? I am fairly sure it is by design...

 

Just to make sure