03.04.2018, 09:42
Sporo się działo i poniżej listy zmian do ostatnich wyda...wciąż mamy wersję testową
test 45
test 46
test 47
test 45
Cytat:+ Improved Block suspicious command-lines
+ Show process username/domain and integrity level on the log file of blocked processes
+ Improved Block execution of syskey.exe\cipher.exe
+ Improved Block execution of .vbs\.vbe\.js\.jse\etc scripts
+ Improved Block execution of .hta scripts
+ Improved Block suspicious processes
+ Improved rules related to blocking UAC-bypass behaviors
+ Fixed some false positives
test 46
Cytat:+ Improved Block suspicious processes
+ Improved Block suspicious command-lines
+ Improved Block execution of .hta scripts (2)
+ Fixed some false positives
test 47
Cytat:+ Changed "Exit" to "Exit GUI" on main menu of OSArmorDevUI
+ New option: Prevent installutil.exe from loading .DLL files
+ New option: Prevent resgvr32.exe from loading DLLs
+ New option: Prevent odbcconf.exe from using {REGSVR} to load DLLs
+ New option: Prevent pcalua.exe from using -a to run processes
+ New option: Prevent AppVLP.exe from running processes
+ New option: Prevent SyncAppvPublishing.exe from running processes
+ New option: Block execution of SyncAppvPublishing.vbs
+ New option: Prevent rundll32.exe from using Control_RunDLL (shell32.dll)
+ New option: Prevent runscripthelper.exe from using surfacecheck
+ New option: Block PowerShell "-version 2"
+ New option: Block loading of .inf files via advpack.dll,LaunchINFSection
+ Option "Prevent pubprn.vbs from executing inline scripts" is enabled by default
+ Improved Block suspicious command-lines
+ Improved Block execution of .reg scripts
+ Improved Prevent regedit.exe from silently loading .reg scripts
+ Improved Block "WindowStyle Hidden" on command-line (PowerShell)
+ Improved Block "ExecutionPolicy Bypass" on command-line (PowerShell)
+ Improved Prevent wscript.exe from changing script engine
+ Improved Prevent cscript.exe from changing script engine
+ Improved Prevent ieexec.exe from loading remote files
+ Improved Prevent msiexec.exe from loading MSI files maskes as PNG files
+ Improved Block execution of .msi installer scripts
+ Improved Prevent AtBroker.exe from using /start switch to run processes
+ Improved Prevent schtasks.exe from creating tasks
+ Improved Prevent regsvcs.exe from loading .DLL files
+ Improved Prevent regasm.exe from loading .DLL files
+ Improved Prevent odbcconf.exe from loading .rsp scripts
+ Minor fixes and optimizations
+ Fixed some false positives
"Bezpieczeństwo jest podróżą, a nie celem samym w sobie - to nie jest problem, który można rozwiązać raz na zawsze"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"
"Zaufanie nie stanowi kontroli, a nadzieja nie jest strategią"