How to prevent bypassing AppLocker using Alternate Data Streams

AppLocker Exception: log-directory, exclude Alternate Data Streams

I usually write my blog posts in German. This one is in English because Sami Laiho asked me to do a short write-up to make this problem available to a broader audience.

Who is affected and what's the problem?

If you are using AppLocker application whitelisting with path rules that have exceptions, you are probably affected. See the following example to understand what type of problem…

