Share via

Windows Shell Launcher exit event meaining

Nikola Nikolov 20 Reputation points
2024-05-15T08:58:08.97+00:00

Hello, I have a question regarding exit events for Windows Custom Shell Launcher.

I know there is a measure to restart or turn down the machine if exit event occured.

Having that in mind, will that cover if someone manages to open explorer.exe without actually closing the application that shell launcher is configured to and restart the shell?

I am looking for a way to double harden the kiosk and take care if someone manages to open explorer.exe.

Thank you

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
10,876 questions
0 comments
Accepted answer
  1. S.Sengupta 16,161 Reputation points MVP
    2024-05-16T00:17:48.6833333+00:00

    You may use Windows AppLocker or Software Restriction Policies (SRP) to prevent the execution of explorer.exe and any other unwanted applications.

    In Start Search type gpedit.msc and hit the Enter key.

    Now navigate to Computer Configuration -> Windows Settings -> Security Settings -> Application Control Policies -> AppLocker.

    Create a new executable rule to deny explorer.exe for all users except those who need access (e.g., administrators).

    Again, open the Local Group Policy.

    Navigate to Computer Configuration -> Windows Settings -> Security Settings -> Software Restriction Policies.

    Create a new rule to disallow explorer.exe and any other unwanted executables.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ian Xue (Shanghai Wicresoft Co., Ltd.) 31,731 Reputation points Microsoft Vendor
    2024-05-17T03:57:31.4433333+00:00

    Hi Nikola Nikolov,

    Thanks for your post. Based on my research, here are some limitations to consider when using Shell Launcher:

    • Windows doesn't support setting a custom shell before the out-of-box experience (OOBE). If you do, you can't deploy the resulting image
    • Shell Launcher doesn't support a custom shell with an application that launches a different process and exits. For example, you can't specify write.exe in Shell Launcher. Shell Launcher launches a custom shell and monitors the process to identify when the custom shell exits. Write.exe creates a 32-bit wordpad.exe process and exits. Since Shell Launcher isn't aware of the newly created wordpad.exe process, Shell Launcher takes action based on the exit code of Write.exe, such as restarting the custom shell

    Reference:

    What is Shell Launcher? - Configure Windows | Microsoft Learn

    Best Regards,

    Ian Xue

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments