Windows Server Summit 2024
Mar 26 2024 08:00 AM - Mar 28 2024 04:30 PM (PDT)
Microsoft Tech Community

signed installers bypassing applocker and group policy

Copper Contributor

 

Morning

 

Im using group policy and app locker to prevent applications being installed by anyone on my network.  However, the issue im facing is that any application whomever it is signed by is deemed trusted and allowed through for any user to install.  

 

Without having to whitelist every application we use, is there a way to prevent signed apps from being run?  MS and Adobe are obviously deemed safe but im unsure if there are any signed installers in the wild that do have a security vulnerability and our users are installing them?  E.g. Virtru.exe is one of them.

 

Any guidance or known security issues with signed installers would be gratefully received.  Thanks

3 Replies

@clcurtis777 

Hello! You've posted your question in the Tech Community Discussion space, which is intended for discussion around the Tech Community website itself, not product questions. I'm moving your question to the Microsoft Intune space - please post related questions here in the future.

 

(If I am incorrect, feel free to look through our Community Hubs for a more appropriate space for your question.)

I dont have intune operational in my environment yet. windows server community perhaps?
Sure, I'll move it there.