Publisher rules – Enhancing AppLocker for Windows 7

Windows AppLockerPath and Hash rules for previous versions of AppLocker were easier for users to subvert (path), or required additional maintenance with product upgrades (hash).

The enhanced AppLocker for Windows 7 allows another method: Publisher.

The publisher rule is based upon the digital signature of the application. Since the publisher will stay the same with subsequent releases (assuming they aren’t purchased by another company) your rule should stand the test of time.

A fairly decent example of this is given by Microsoft.

Windows 7 is really turning out to be cool. Let’s hope the air doesn’t come out of the balloon too soon.