AppLocker is anapplication whitelisting technology introduced withMicrosoft'sWindows 7 operating system. It allows restricting which programs users can execute based on the program's path, publisher, or hash,[1] and in an enterprise can be configured viaGroup Policy.
Windows AppLocker allows administrators to control which executable files are denied or allowed to execute. With AppLocker, administrators are able to create rules based on file names, publishers or file location that will allow certain files to execute. Unlike the earlier Software Restriction Policies, which was originally available forWindows XP andWindows Server 2003,[2] AppLocker rules can apply to individuals or groups. Policies are used to group users into different enforcement levels. For example, some users can be added to an 'audit' policy that will allow administrators to see the rule violations before moving that user to a higher enforcement level.
Starter | Home Basic | Home Premium | Professional | Enterprise | Ultimate |
---|---|---|---|---|---|
No | No | No | Create policies, but cannot enforce | Create and enforce policies | Create and enforce policies |
RT | (Core) | Pro | Enterprise |
---|---|---|---|
No | No | No | Yes |
Home | Pro | Enterprise | Education |
---|---|---|---|
Yes | Yes | Yes | Yes |
There are several generic techniques for bypassing AppLocker: