Microsoft Fix for Applocker

Monday, November 14, 2011 @ 07:11 PM gHale


Microsoft released a temporary fix for a flaw in its latest operating system that allows untrusted users to bypass security measures preventing them from running unauthorized applications.

AppLocker allows administrators to restrict the applications that can run on computers running Windows 7 and Windows Server 2008.

RELATED STORIES
Apple, Adobe Talk Security Updates
Third Party Vulnerability Hits Mitsubishi
Remote Procedure Call Vulnerability
SCADA/HMI ActiveX Hole Found

End users, though, can easily override the restrictions by invoking a variety of automated script features, including macros in Microsoft Office. Programming flags such as SANDBOX_INERT and LOAD_IGNORE_CODE_AUTHZ_LEVEL could even allow malware stashed in temporary folders to execute.

Microsoft published a hotfix last week to correct the flaw.
http://support.microsoft.com/kb/2532445

“This hotfix might receive additional testing,” Microsoft’s advisory said. “Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.”

The advisory didn’t say when that update would release.



Leave a Reply

You must be logged in to post a comment.