Applocker Windows Folder Exceptions

Discussion in 'other software & services' started by Gobbler, Feb 9, 2012.

Thread Status:
Not open for further replies.
  1. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    I have just upgraded from Win 7 HP to Ultimate and I want to try out AppLocker and I have a question about exceptions in the Windows folder as suggested by MrBrian in an old thread.I want to know are those exceptions necessary in the system folder from a local security point of view or also from remote malware as well.Suppose I am using Firefox/Chrome and it is set to download files only to the downloads folder, can malware be still downloaded to those supposed to be excluded folders and executed?
     
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Those file system areas are generally protected against writing, from within standard user accounts, but a few of those areas are not.
    The default rules created by AppLocker will allow execution from Program Files and Windows, therefore you should create those exceptions.

    You should also check whether or not some other folder allows writing, and therefore execution, because sometimes third-party applications may weaken Windows default security settings.

    -edit-

    Answering to your question, that will depend on whether or not there's some failure in how the browser restricts the download location, I suppose. It could be possible that, at some point in time, any browser will leak due to bugs. Better safe than sorry. ;)
     
  3. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    Thanks, got it:thumb:
     
Loading...
Thread Status:
Not open for further replies.