Forum Discussion
WDAC Can't whitlist .sys driver
We have implemented the WDAC Policy. It works so far, but I have a problem with two drivers. They are things I can't solve. It is a smart card reader by Reiner (file cjusb.sys). This file is signed, ...
Bloomberg software I have seen people still have to whitelist the entire directory of it for it to work properly. No matter what, Microsoft doesn't seem to like the certificates Bloomberg uses, and that has been true for a long while now.
I have found a reason why Windows Defender acts in this way. If a driver KMDF specified and non WHQL certified it will be blocked by defender regardless if it is signed. I talked yesterday with the provider and he gave me a UMDF driver. Now everything works.
For Bloomberg we have written a program which checks files against Bloomberg certificates and re-signs them if they qualify given criteria. Process takes about 3min and the user does accept this. After resigning Bloomberg works as expected.
I haven't opened any directories because it is difficult to monitor them all...