AppControl Manager 1.8.4.0
What's New
Important
How To Install: Copy and Paste this command in a PowerShell window as Admin. (Technical explanation available here)
(irm 'https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/main/Harden-Windows-Security.ps1')+'AppControl'|iex
- Upgraded the .NET version and NuGet packages.
- Implemented ISG based Supplemental policy in the AppControl Manager. This is a new type of supplemental policy that doesn't explicitly allow anything; instead, it only activates the use of the ISG (Intelligent Security Graph) on the system so that reputable files can be automatically authorized.
- Implemented initial support for translating the AppControl Manager to other languages.
- Implemented another protection when removing signed policies in AppControl Manager.
  - This new protection mechanism ensures the safe removal of signed policies. To complete the process securely, a system reboot is required after the first stage. The newly implemented protection verifies that the reboot has been performed before allowing the process to proceed to the final stage.
  - If the user forgets to reboot or is unsure whether it's necessary, a prompt will appear to guide them through the process. This safeguard prevents accidental errors that could lead to boot failures, making the AppControl Manager even safer and more reliable when managing Signed App Control policies.
  - Wonder why Signed policies are important? Check out this article
- Implemented Strict Kernel-mode App Control Policy. It's a special type of policy that can protect against all BYOVD scenarios as well as protecting the kernel from unauthorized access, while letting regular user-mode files function normally.
- Implemented Strict Kernel-mode Supplemental policy creation.
- All local file scans in the AppControl Manager now consider the Security Catalogs, improving accuracy.
- Added support for catalog signed files to the View File Certificates page. Many files are signed via Security Catalogs, so they seem unsigned if you investigate them individually. Windows, however, has access to the Security Catalogs where those files' signatures exist, and now AppControl Manager can show you those details.
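The catalog-signing behaviour described in the last item can be observed with the built-in `Get-AuthenticodeSignature` cmdlet, whose result reports whether a signature is embedded in the file or comes from a Security Catalog. This is an added example, not AppControl Manager's own code; the function name `Get-SignatureSource` and its parameters are hypothetical.

```powershell
# Added example: classify files by where their signature lives.
# Get-SignatureSource is a hypothetical helper name, not part of AppControl Manager.
function Get-SignatureSource {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        [string[]]$Extension = @('.exe', '.dll', '.sys'),
        [switch]$Recurse
    )

    Get-ChildItem -LiteralPath $Path -File -Recurse:$Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in $Extension } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName

            # SignatureType is None, Authenticode (signature embedded in the file)
            # or Catalog (file hash listed in a signed .cat Security Catalog).
            $source = switch ($sig.SignatureType) {
                'Authenticode' { 'Embedded' }
                'Catalog'      { 'Catalog' }
                default        { 'None' }
            }

            [pscustomobject]@{
                File       = $_.FullName
                Source     = $source
                Status     = $sig.Status        # Valid, NotSigned, HashMismatch, ...
                IsOSBinary = $sig.IsOSBinary
                Signer     = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            }
        }
}

# Summarize how many binaries in System32 rely on a catalog rather than an embedded signature.
Get-SignatureSource -Path "$env:SystemRoot\System32" |
    Group-Object -Property Source |
    Select-Object Name, Count
```

Files reported as `Catalog` were validated through a Security Catalog rather than an embedded signature, which is why a scan that inspects only the file itself would treat them as unsigned.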
Auto Generated Release Notes
- AppControl-Manager-DownloadLink-Version-Update-Version-1.8.3.0 by @github-actions in #517
- Implemented ISG based Supplemental policy in the AppControl Manager by @HotCakeX in #520
- Adding initial support for translating app control manager into other languages by @HotCakeX in #521
- Implemented another protection when removing signed policies in AppControl Manager by @HotCakeX in #522
- Alignment of namespaces with folder structures in the AppControl Manager code base by @HotCakeX in #523
- Bump System.Management from 9.0.0 to 9.0.1 in /Harden-Windows-Security Module by @dependabot in #530
- Bump System.Management from 9.0.0 to 9.0.1 in /AppControl Manager by @dependabot in #529
- Bump Microsoft.WindowsAppSDK from 1.6.241114003 to 1.6.250108002 in /AppControl Manager by @dependabot in #528
- Bump Microsoft.XmlSerializer.Generator from 9.0.0 to 9.0.1 in /AppControl Manager by @dependabot in #526
- Bump System.Security.Cryptography.Pkcs from 9.0.0 to 9.0.1 in /AppControl Manager by @dependabot in #527
- Bump System.Diagnostics.EventLog from 9.0.0 to 9.0.1 in /AppControl Manager by @dependabot in #525
- Implementing Strict Kernel-mode policy in AppControl Manager by @HotCakeX in #531
- Removing unused PowerShell logic from the deprecated WDACConfig module by @HotCakeX in #532
- Added support for catalog signed files in local file scans in the AppControl Manager by @HotCakeX in #533
- Bump System.DirectoryServices.AccountManagement from 9.0.0 to 9.0.1 in /Harden-Windows-Security Module by @dependabot in #534
- Version bump to 1.8.4.0 - AppControl Manager by @HotCakeX in #535
- Minor improvements before AppControl Manager v.0.1.8.4 release by @HotCakeX in #536
- Updating documents with new information by @HotCakeX in #537
Full Changelog: AppControlManager.v.1.8.3.0...AppControlManager.v.1.8.4.0
Note
As mentioned at the top, please refer to this page for installation instructions.