Avatar for Username

Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Signed Executables and Dlls Policy

  • Aucune réponse
  • 0 a ce problème
robertb2
robertb2
more options

Hi,

At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request.

We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape.

Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla?

I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked.

Thank you for 30 years of a great product!

Rob

Hi, At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request. We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape. Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla? I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked. Thank you for 30 years of a great product! Rob
Captures d’écran jointes

Vous devez vous identifier avec votre compte pour répondre aux messages. Veuillez poser une nouvelle question, si vous n’avez pas encore de compte.