Avatar for Username

Αναζήτηση στην υποστήριξη

Προσοχή στις απάτες! Δεν θα σας ζητήσουμε ποτέ να καλέσετε ή να στείλετε μήνυμα σε κάποιον αριθμό τηλεφώνου ή να μοιραστείτε προσωπικά δεδομένα. Αναφέρετε τυχόν ύποπτη δραστηριότητα μέσω της επιλογής «Αναφορά κατάχρησης».

Μάθετε περισσότερα

Signed Executables and Dlls Policy

  • Καμία απάντηση
  • 0 έχουν αυτό το πρόβλημα
robertb2
robertb2
more options

Hi,

At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request.

We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape.

Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla?

I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked.

Thank you for 30 years of a great product!

Rob

Hi, At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request. We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape. Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla? I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked. Thank you for 30 years of a great product! Rob
Συνημμένα στιγμιότυπα

Πρέπει να συνδεθείτε στον λογαριασμό σας για να απαντήσετε σε δημοσιεύσεις. Ξεκινήστε μια νέα ερώτηση εάν δεν διαθέτετε ακόμα λογαριασμό.