question

EdwardWest-0180 avatar image
0 Votes"
EdwardWest-0180 asked EdwardWest-0180 commented

Stop .exe running from desktop

Hi,

Sorry if this question has been asked before, I have spend ages trying to find an answer but nothing seems to solve the problem fully.

We are looking at rolling out Intune on our company machines, currently we have a test setup of a few machines to get all the settings right, but there is one thing that is really puzzling me now, I need to stop .exe files from running from the desktop and downloads folders, not installation files, those I have managed to stop without Admin Privileges, its actual .exe programs, the one we are using to test is calc.exe, does anyone have any ideas?

mem-intune-device-configurations
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RahulJindal-2267 avatar image
0 Votes"
RahulJindal-2267 answered EdwardWest-0180 commented

What you are looking for is Applocker policies. You will need to import an xml of executables that you want to either allow running or blocking.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Sorry I just found the option to do folders, I have blocked the Users folder and seems to have solved it, thank you :)

0 Votes 0 ·
EdwardWest-0180 avatar image
0 Votes"
EdwardWest-0180 answered

I have looked at AppLocker but I could only find a way of blocking using filenames, I want to just do a blanked .exe block from certain folders.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RahulJindal-2267 avatar image
0 Votes"
RahulJindal-2267 answered EdwardWest-0180 commented

I don’t think you can use wildcard with the file name extensions in applocker xmls. However, you can block all files located under a certain path. Have a look at the link below. I am using the xml to whitelist but you can use the opposite logic to block. how-to-whitelist-apps-using-applocker.html


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you, I have managed to block it now, I have followed the setup but it is also blocking my Admin accounts (still running it locally not through Intune)

0 Votes 0 ·