Jump to content

Eset Internet Security Smart App Control

Tp6ojNfYgWweHa
 Share

Recommended Posts

Tp6ojNfYgWweHa

Tp6ojNfYgWweHa 2

Posted
Posted

Hi, I just installed Windows 11 22H2 as a clean install. After installation, I turned on the new smart app control option in Windows settings. After installing Eset Internet Security, I got a notification that a file from Eset was blocked by the smart app control and that Eset may not function properly as a result. Unfortunately, I accidentally closed the notification and I can't find any information about what exactly was blocked. So far I haven't noticed any problems. Besides this alert. Does Eset Internet Security support Windows 11 22H2 with Smart app control enabled?

Sorry for my english, i use google translator.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

It appears that exceptions can't be added to it to get around any Eset conflicts:

Quote

Smart App Control bypass for specific apps and other features?

Can you bypass Smart App Control for a specific application that may be getting blocked by Smart App Control? No, you cannot. At least with this implementation of Smart App Control, Microsoft says that you either allow it to block any unsigned app and other apps that may be deemed as unwanted, or you will need to turn it off. Unfortunately, this may be a deal-breaker in the enterprise as customers will want/need to have more control over which apps are allowed or blocked.

https://www.virtualizationhowto.com/2022/06/smart-app-control-windows-11-22h2/

Appears something Eset and Microsoft will have to work out. In the meantime, you will have to thoroughly test Eset to ensure all its features are working properly.

Edited by itman
Link to comment
Share on other sites
SeriousHoax

SeriousHoax 83

Posted
Posted

Smart App Control is not usable at its current state. It's very strict. The app as well as all the DLLs need to be signed in order for them to not get blocked by SAC. Also, you can't enable/disable it once you choose one. Mine was in evaluation mode after installation, but got turned itself off after a day as it deemed my device not suitable for SAC. It's not worth it at the moment. 

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
2 hours ago, SeriousHoax said:

The app as well as all the DLLs need to be signed in order for them to not get blocked by SAC.

Looks like Microsoft has implemented a global variant of Code Integrity Guard exploit protection whereby everything loaded must signed versus Microsoft signed.

It also indicates that Microsoft is pushing third party AV vendors to sign all their code which is not a bad idea.

Link to comment
Share on other sites
SeriousHoax

SeriousHoax 83

Posted
Posted
38 minutes ago, itman said:

Looks like Microsoft has implemented a global variant of Code Integrity Guard exploit protection whereby everything loaded must signed versus Microsoft signed.

It also indicates that Microsoft is pushing third party AV vendors to sign all their code which is not a bad idea.

Yeah, looks like it. Hopefully ESET will make their products compatible with SAC. 

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)
49 minutes ago, Trooper said:

I guess this is just for the consumer version of ESET?  I have not noticed any oddities on ESET Endpoint Security.

Do you have WDAC enabled?

Quote

WDAC and Smart App Control

Starting in Windows 11 version 22H2, Smart App Control provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an example policy is provided. The example policy includes Enabled:Conditional Windows Lockdown Policy rule which isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see Create a custom base policy using an example WDAC base policy.

https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control

Also I would say that you need to be running at least Win 10/11 Pro to be able to configure Smart App Control.

Edited by itman
Link to comment
Share on other sites
  • ESET Insiders
Trooper

Trooper 65

Posted
  • ESET Insiders
Posted
19 hours ago, itman said:

Do you have WDAC enabled?

https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control

Also I would say that you need to be running at least Win 10/11 Pro to be able to configure Smart App Control.

I am in eval mode at the moment.  I am running Windows 11 22H2 Enterprise.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...