APPLOCKER & WINDOWS 8

Discussion in 'other software & services' started by hrnayy, Aug 19, 2012.

Thread Status:
Not open for further replies.
  1. hrnayy

    hrnayy Registered Member

    Joined:
    Jun 3, 2009
    Posts:
    23
    Hi Guys,

    I am not sure how many of you were started using Windows 8, but I just wanted to know, is AppLocker working in Windows 8 PRO (x64) edition?

    I've configured the policies, enforced it and started the AppIDSvc service. AppLocker was not working at all. After several restart and enforcing the policies nothing happened.

    I've also clean-installed my system twice but nothing happened.

    Please note that I am using Windows 7 Ultimate (x64 and x86) in three of my systems and all having no issues with AppLocker. But in Windows 8 Pro, I am unable to run it.

    Can anyone confirm if there is any problem with Windows 8?

    Thank you!

    PS: Policies were 'Default Policies' with DLL Rules enabled.
     
    Last edited: Aug 19, 2012
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. hrnayy

    hrnayy Registered Member

    Joined:
    Jun 3, 2009
    Posts:
    23
  4. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    Sorry for bumping this thread.

    It seems like AppLocker is not available on Windows 8 Pro, but only Windows 8Enterprise edition. I know some members here use AppLocker on Win7 too so I wonder what's your take...are you guys going to 'upgrade' to Win8 Pro and revert back to using SRP?
     
  5. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    I had no plans now or in the near future to upgrade to Win 8, but now even more reason to stick with Win 7 Enterprise after seeing this news that for the Win 8 Enterprise version, the Pro version is first required, and then you must have at least a small business of minimum 5 pc's and signed up to their their Software Assurance maintenance program :mad:
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's silly that the pro version doesn't have AppLocker as it's clearly an administrative tool aimed at locking down enterprise systems. But I guess that's what Enterprise Windows is for? The naming convention is very strange.

    Not a deal maker for me (never used it, never would)... but if I were working IT it might be.
     
  7. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    At least with Win 7 one there's no business and Software Assurance program requirements to purchase the Enterprise version. Nor is it required to first own the Pro license.
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Silly, indeed. Way too silly. o_O

    Come on... let's be honest now. I remember discussing with you how to properly configure AppLocker rules, because they weren't working as you expected them to be working. Even if shortly, you did use it. :D
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Tried AppLocker, it is a better SRP (kernel vs user level deployment).

    I would buy Win8 Pro, because I went back to SRP with default basic user level and SRP rules excluding Admin on my Win7 Ultimate. I want to install with a simple right click "run as admin".

    The open Admin gate is managed by UAC deny elevation of unsigned, and 1806 tweak with download of executables block (execution block), also obvious drive-by directories have a deny execute ACL.

    UAC and user mode security has improved in Win8 and it is faster, so when Win8 will become dominant on corporate PC's, I will also move to Win8 on my home PC's (lazy: same look and feel/user interface)
     
  10. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    That's not going to happen... Might as well wait for 9.... Maybe they'll bring it back in Pro by then, due to popular demand. :)
     
  11. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Two questions.
    1. did you get Basic User working under win7 when logged in as Admin?
    2. does win8 support this feature like xp/vista did?

    Sul.
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No,

    In Vista running IE or WMP as basic user, would prevent elevation. In Windows 7 it denies execution. I turned it around, run as basic user with default rules. Basic user acts as a deny execute in user space directories. But is has the comfort of being able to install with run as administrator, see pic
     

    Attached Files:

  13. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    I'm late to say thanks for the replies but hope you guys don't mind. Here's 1 more question to continue the discussion...

    We all know that there's this Hotfix for SRP/AppLocker bypass on Windows 7

    http://support.microsoft.com/kb/2532445
    http://blog.didierstevens.com/2011/11/17/hotfix-for-srpapplocker-bypass/

    If you see the comments section on Didier Stevens blog link above, you'll see this written by him:

    Aside from that comment by Didier, I searched the web and so far have not found anything substantial on the subject. If the issue still remains in Win8 as Didier mentioned, is MS planning on releasing a hotfix for it? Does anyone have any clues?
     
Loading...
Thread Status:
Not open for further replies.