Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog

The Non-Admin blog - running with least privilege on the desktop... and then dealing with the application compatibility fallout... and using Sysinternals and other utilities to figure things out

My last blog post on this platform

The content on Microsoft's MSDN and TechNet blog platforms will soon become read-only. So, this is...

Author: Aaron Margosis Date: 06/19/2019

"AaronLocker" big perf and feature updates (17 June 2019)

(On the 15th anniversary of my first blog posts...) Performance improvements in the "AaronLocker"...

Author: Aaron Margosis Date: 06/17/2019

"AaronLocker" updates (22 May 2019)

Always handles Portable Executable files even with non-standard extensions such as .tmp and...

Author: Aaron Margosis Date: 05/22/2019

“AaronLocker” updates (13 May 2019)

Hot on the heels of yesterday's changes, "AaronLocker" now handles EXE and DLL files with...

Author: Aaron Margosis Date: 05/14/2019

"AaronLocker" updates (12 May 2019)

Just committed some changes to the "AaronLocker" repo on GitHub and its documentation. Changes...

Author: Aaron Margosis Date: 05/12/2019

"AaronLocker" videos on YouTube

7 minute "Intro to 'AaronLocker'," a set of PowerShell scripts that automate AppLocker-related tasks...

Author: Aaron Margosis Date: 02/22/2019

"AaronLocker" moved to GitHub

"AaronLocker" is a robust, practical, and free PowerShell-based application whitelisting solution...

Author: Aaron Margosis Date: 01/28/2019

"AaronLocker" update (v0.91) -- and see "AaronLocker" in action on Channel 9!

"AaronLocker" is a robust, practical, PowerShell-based application whitelisting solution for...

Author: Aaron Margosis Date: 10/11/2018

ANNOUNCING: Application whitelisting with "AaronLocker"

[Update 11 Oct 2018: "AaronLocker" v0.91 released] Announcing the pre-release (v0.9) of...

Author: Aaron Margosis Date: 06/26/2018

The Case of the Reverting Office Theme (resolved with a long-running Procmon trace)

Several times a day, all my Office apps kept reverting to the default “Colorful” theme, even though...

Author: Aaron Margosis Date: 08/14/2017

Troubleshooting with the Windows Sysinternals Tools - now available!

Over three years ago, I announced that Mark Russinovich and I had signed a contract with Microsoft...

Author: Aaron Margosis Date: 10/24/2016

LUA Buglight 2.3, with support for Windows 8.1 and Windows 10

LUA Buglight is a utility for identifying admin-permissions issues (a.k.a., "LUA bugs") in desktop...

Author: Aaron Margosis Date: 06/30/2015

LUA Buglight 2.3 PREVIEW -- Feedback requested

LUA Buglight is a utility for identifying admin-permissions issues ("LUA bugs") in desktop...

Author: Aaron Margosis Date: 06/22/2015

Local Administrator Password Solution, at Ignite

Last Friday, Microsoft announced the release of the Local Administrator Password Solution, which...

Author: Aaron Margosis Date: 05/05/2015

It rather involved being on the other side of this airtight hatchway: Unquoted service paths

Or, Why most "Unquoted Service Paths" findings are unnecessarily alarmist In late 2012, the issue of...

Author: Aaron Margosis Date: 11/14/2014

Interviewed on "Taste of Premier" about Security Guidance for Windows 8.1, Windows Server 2012 R2 and IE 11

Aaron Margosis interviewed on Channel 9's Taste of Premier about Security Guidance for Windows 8.1,...

Author: Aaron Margosis Date: 10/21/2014

The Case of the App Install Recorder

Adapted from the forthcoming book, Troubleshooting with the Windows® Sysinternals Tools, by Mark...

Author: Aaron Margosis Date: 09/04/2014

Security baselines for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 – FINAL

Microsoft has published its security guidance and baselines for Windows 8.1, Windows Server 2012 R2...

Author: Aaron Margosis Date: 08/15/2014

Sysinternals at TechEd US 2014: LIVE

Sorry for the late notice, but I just saw this: Sysinternals Primer: TechEd 2014 Edition will be...

Author: Aaron Margosis Date: 05/13/2014

Sysinternals at TechEd US 2014

I'll be presenting "TWC: Sysinternals Primer: TechEd 2014 Edition" in Houston, Tuesday, May 13,...

Author: Aaron Margosis Date: 05/01/2014

Security baselines for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11

Although the US Government has not published a US Government Configuration Baseline (USGCB) standard...

Author: Aaron Margosis Date: 04/07/2014

My Ian MacKaye / Dischord Records interview on WTJU.net

A long time ago, before the introduction of the IBM Personal Computer, I was a DJ at the University...

Author: Aaron Margosis Date: 04/01/2014

I'll be on Defrag Tools (Channel 9)

Earlier today I finally got the chance to go into the studio to appear on the "Defrag Tools" show on...

Author: Aaron Margosis Date: 03/06/2014

Speaking at Washington DC IT Pro Camp, Sat. Feb. 22, 2014

Microsoft is pleased to announce the first Washington DC IT Pro Camp on Saturday, February 22 2014...

Author: Aaron Margosis Date: 02/12/2014

Knowledge Base updates about UAC

I should be working on the Sysinternals book, but there were a couple of KB articles about User...

Author: Aaron Margosis Date: 01/14/2014

EventCreate and "ERROR: Source parameter is used to identify custom applications/scripts only"

EventCreate.exe is a command line utility that comes with Windows that lets you write events into...

Author: Aaron Margosis Date: 11/01/2013

Redefining what "Never doing that again" means... Troubleshooting with the Windows Sysinternals Tools, Second Edition

When people asked me what it was like writing a book, I'd invariably answer, "It was a once in a...

Author: Aaron Margosis Date: 08/29/2013

VirtMemTest: a utility to exercise memory and other operations

I wrote the first versions of VirtMemTest while working on the Windows Sysinternals...

Author: Aaron Margosis Date: 06/14/2013

Sysinternals - and Pass the Hash - at TechEd next week.

There are five talks highlighting the Sysinternals utilities at TechEd North America next week in...

Author: Aaron Margosis Date: 05/29/2013

Mitigating "Pass the Hash"...

Microsoft's Trustworthy Computing (TWC) has just published a whitepaper, Mitigating Pass-the-Hash...

Author: Aaron Margosis Date: 12/11/2012

Using NTFS Junctions to Fix Application Compatibility Issues on 64-bit Editions of Windows

Executive Summary This paper describes a simple way to mitigate some types of application...

Author: Aaron Margosis Date: 12/09/2012

LUA Buglight 2.2 with support for Windows 8

Announcing the release of LUA Buglight 2.2, including support for Windows 8. LUA Buglight is an...

Author: Aaron Margosis Date: 11/28/2012

The Sysinternals book is available in Russian!

The Windows Sysinternals Administrator's Reference that I co-authored with Mark Russinovich is now...

Author: Aaron Margosis Date: 11/20/2012

Quoted by Raymond Chen!

It’s one thing to have one's name associated with Mark Russinovich, but quite another to be...

Author: Aaron Margosis Date: 09/04/2012

"Defrag Tools" - a new Channel 9 series (that will talk a lot about Sysinternals utilities)

My colleague and debug super-guru Andrew Richards sent this announcement out earlier today: Larry...

Author: Aaron Margosis Date: 08/06/2012

TSSessions utility

Part of my Sysinternals Primer: Gems presentation at TechEd last month covered the topics of...

Author: Aaron Margosis Date: 07/17/2012

From TechEd: Legacy Web App Issues, Sysinternals Gems, webcast with Mark Russinovich

The two sessions I delivered at TechEd this year are now available online, as is the recording of my...

Author: Aaron Margosis Date: 07/17/2012

Legacy Web App Security and Sysinternals at TechEd North America + Europe 2012

I'm presenting a couple of sessions at TechEd North America 2012 in Orlando (June 11-14) and at...

Author: Aaron Margosis Date: 06/06/2012

Interviewed about the Sysinternals book on Let's Talk Computers

Let's Talk Computers ranks as one of the longest-running computer radio talk shows. I enjoyed it...

Author: Aaron Margosis Date: 03/21/2012

Interviewed on “Bytes by TechNet”

Last May at TechEd US, I sat down for a six-minute interview with Matt Hester about the Windows...

Author: Aaron Margosis Date: 10/20/2011

Top Ten Deployment Blockers

My colleague Shelly Bird, a highly esteemed Architect in Microsoft Public Sector Services, has years...

Author: Aaron Margosis Date: 10/18/2011

FAQ: Where Do I Save Files, and How Exactly Do I Do That?

The correct ways to identify folder paths to store files depends on the programming technology you...

Author: Aaron Margosis Date: 09/25/2011

PrivBar Update

PrivBar is a toolbar I first published over seven years ago (!) for Internet Explorer and Windows...

Author: Aaron Margosis Date: 09/01/2011

IEInternals Reviews the Sysinternals Book

We have a lot of really smart people at Microsoft, but among those there are a handful who are the...

Author: Aaron Margosis Date: 08/16/2011

Windows Sysinternals Administrator’s Reference – now available!

Many of you have long wished for comprehensive, detailed documentation of the Sysinternals...

Author: Aaron Margosis Date: 07/25/2011

Unintended Consequences and Sysinternals at Tech-Ed Available Online

The two sessions I presented last week at Tech-Ed North America 2011 are now available for on-demand...

Author: Aaron Margosis Date: 05/24/2011

IEZoneAnalyzer updated

I just posted a major update to IEZoneAnalyzer, my IE security zone analysis and comparison utility,...

Author: Aaron Margosis Date: 04/14/2011

The Case of the Mysterious Law Manager Startup Error

Getting Law Manager v2.4 to run on Windows 7 Overview Several of my customers run old versions...

Author: Aaron Margosis Date: 04/14/2011

LUA Buglight 2.1.1 with support for Win7/2008R2 SP1

LUA Buglight 2.1.1 is was attached to this blog post and replaces v2.1. It adds support for Windows...

Author: Aaron Margosis Date: 03/22/2011

Unintended Consequences and Sysinternals at Tech-Ed North America 2011

I'm presenting a couple of sessions at Tech-Ed in Atlanta (May 16-19, 2011): The first is...

Author: Aaron Margosis Date: 03/09/2011

Next>