Apparently it isn't. As you can see from the screenshot, Win10 Pro had no problem configuring and enforcing the AppLocker policy, which was created using the standard GUI method. No trickery involved.
-
-
Replying to @wdormann @SwiftOnSecurity and
Not like I don't believe you, but this is not apparent based on these screenshots. Do you have the corresponding entries in the event log under Application and Services - Microsoft - Windows - Applocker? Do 'Deny' Executable Rules work as well and have event logs?
1 reply 0 retweets 0 likes -
Replying to @vsterkin @SwiftOnSecurity and
Well this is quite interesting. Event viewer indicates that AppLocker isn't available on this SKU. But: 1. Why does Win10 Pro allow for AppLocker rules to be created if it doesn't enforce them? 2. Why does the machine have no foistware if it doesn't enforce the rules I created?pic.twitter.com/WXpAkEbCtc
4 replies 0 retweets 1 like -
A day and a reboot later, this VM is still free of foistware. So far this is the ONLY technique I've seen so far that successfully appears to block the junk appearing on a Win10 Pro system. Now, given that the Pro SKU doesn't appear to actually enforce AppLocker... ¯\_(ツ)_/¯pic.twitter.com/agV9yx3vGv
1 reply 0 retweets 1 like -
Have you tried booting a blank Win2010 VM with no changes since? Maybe MS fixed something.
1 reply 0 retweets 0 likes -
Replying to @GossiTheDog @vsterkin and
Good thinking. Here's the exact same VM as above, but reverted to a prior snapshot (immediately after 1709 Pro clean install). Win10 Foistware appeared shortly after installing latest updates. Only the VM with the AppLocker rule stays clean of the junk so far.pic.twitter.com/DW3dtadYn1
1 reply 0 retweets 1 like -
Is it same VM cloned? It may have same GUID with MS.
2 replies 0 retweets 0 likes -
Replying to @GossiTheDog @vsterkin and
OK I suppose there are variables outside of my control here, so I probably can't test this further. I reverted the same VM back to a cleanly-installed snapshot, re-created the same AppLocker rule, and the foistware appeared! IOW, AppLocker doesn't block foistware on Win10 Pro.pic.twitter.com/67OnEZyWN3
2 replies 0 retweets 1 like -
Replying to @wdormann @GossiTheDog and
It's a bit too early to tell for sure, but applying this .REG file and rebooting appears to block foistware on all Windows 10 SKUs for me: https://gist.github.com/wdormann/49f1807431b0d5b5cd151337e6478f20 … I'd be interested if anybody else has success or failure using this strategy.
3 replies 1 retweet 3 likes -
Replying to @wdormann @GossiTheDog and
I'll give it a shot later, but I'm curious about side effects. Does it also block Windows Spotlight content for the lock screen?
1 reply 0 retweets 0 likes
The lock screen photo wallpaper still works, if that's what you're referring to. I was also able to manually install an app from the Windows Store as well. I'll leave all of the VMs running to make sure it's not just a delayed effect. But so far so good...
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.