Tag Archives: applocker

AppLocker Executable policy breaks Windows 10 Jump Lists

Jump lists, very handy. You’ve pinned a piece of software to the taskbar, and then you can right-click the icon and get a list of pinned and/or recently used files or connections. I recently enabled AppLocker executable policy and applied … Continue reading

Rate this:

Posted in Security, Windows | Tagged , , , , , , , , , , , , , , , | 1 Comment

Analyse AppLocker Logs for Exceptions

If you’re planning to rollout AppLocker you might want to run it in Audit mode first, to see where things are being run from. You might want to store those logs centrally, see my previous post for how to get … Continue reading

Rate this:

Posted in PowerShell, Security, Windows | Tagged , , , , , , , , | Leave a comment

Send Windows Event Logs to SQL Database

I’m currently in the process of planning for an AppLocker rollout to all my PCs (about 7,500 of them) due to an increasing amount of malware. You should probably be doing this too. Anyway, a sensible first step is to … Continue reading

Rate this:

Posted in PowerShell, Scripting, Security, Windows | Tagged , , , , , , , , , , , , , , , , , , , , , , , | 4 Comments

AppLocker blocking getpaths.cmd

When you configure the default AppLocker Script rules in a Group Policy Object (GPO) one of the ones it adds is for: %OSDRIVE%\*\temp\*\getpaths.cmd Except when a user logs on, if you’ve enabled the AppLocker MSI and Script event log, you … Continue reading

Rate this:

Posted in Remote Desktop, Windows | Tagged , , , , , , , | 5 Comments

AppLocker and App-V client on Windows Server 2008 R2

I found it relatively easy to get these two to work together on my 2008 R2 terminal servers. Basically, create an AppLocker Executable Allow rule to path Q:\* (assuming Q is the drive used by App-V on your system).

Rate this:

Posted in Applications, Windows | Tagged , , , | Leave a comment