Tp6ojNfYgWweHa 2 Posted September 25, 2022 Share Posted September 25, 2022 Hi, I just installed Windows 11 22H2 as a clean install. After installation, I turned on the new smart app control option in Windows settings. After installing Eset Internet Security, I got a notification that a file from Eset was blocked by the smart app control and that Eset may not function properly as a result. Unfortunately, I accidentally closed the notification and I can't find any information about what exactly was blocked. So far I haven't noticed any problems. Besides this alert. Does Eset Internet Security support Windows 11 22H2 with Smart app control enabled? Sorry for my english, i use google translator. Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 25, 2022 Share Posted September 25, 2022 (edited) It appears that exceptions can't be added to it to get around any Eset conflicts: Quote Smart App Control bypass for specific apps and other features? Can you bypass Smart App Control for a specific application that may be getting blocked by Smart App Control? No, you cannot. At least with this implementation of Smart App Control, Microsoft says that you either allow it to block any unsigned app and other apps that may be deemed as unwanted, or you will need to turn it off. Unfortunately, this may be a deal-breaker in the enterprise as customers will want/need to have more control over which apps are allowed or blocked. https://www.virtualizationhowto.com/2022/06/smart-app-control-windows-11-22h2/ Appears something Eset and Microsoft will have to work out. In the meantime, you will have to thoroughly test Eset to ensure all its features are working properly. Edited September 25, 2022 by itman Link to comment Share on other sites More sharing options...
SeriousHoax 87 Posted September 26, 2022 Share Posted September 26, 2022 Smart App Control is not usable at its current state. It's very strict. The app as well as all the DLLs need to be signed in order for them to not get blocked by SAC. Also, you can't enable/disable it once you choose one. Mine was in evaluation mode after installation, but got turned itself off after a day as it deemed my device not suitable for SAC. It's not worth it at the moment. Trooper 1 Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 26, 2022 Share Posted September 26, 2022 2 hours ago, SeriousHoax said: The app as well as all the DLLs need to be signed in order for them to not get blocked by SAC. Looks like Microsoft has implemented a global variant of Code Integrity Guard exploit protection whereby everything loaded must signed versus Microsoft signed. It also indicates that Microsoft is pushing third party AV vendors to sign all their code which is not a bad idea. Link to comment Share on other sites More sharing options...
SeriousHoax 87 Posted September 26, 2022 Share Posted September 26, 2022 38 minutes ago, itman said: Looks like Microsoft has implemented a global variant of Code Integrity Guard exploit protection whereby everything loaded must signed versus Microsoft signed. It also indicates that Microsoft is pushing third party AV vendors to sign all their code which is not a bad idea. Yeah, looks like it. Hopefully ESET will make their products compatible with SAC. Link to comment Share on other sites More sharing options...
ESET Insiders Trooper 67 Posted September 26, 2022 ESET Insiders Share Posted September 26, 2022 I guess this is just for the consumer version of ESET? I have not noticed any oddities on ESET Endpoint Security. Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 26, 2022 Share Posted September 26, 2022 (edited) 49 minutes ago, Trooper said: I guess this is just for the consumer version of ESET? I have not noticed any oddities on ESET Endpoint Security. Do you have WDAC enabled? Quote WDAC and Smart App Control Starting in Windows 11 version 22H2, Smart App Control provides application control for consumers. Smart App Control is based on WDAC, allowing enterprise customers to create a policy that offers the same security and compatibility with the ability to customize it to run line-of-business (LOB) apps. To make it easier to implement this policy, an example policy is provided. The example policy includes Enabled:Conditional Windows Lockdown Policy rule which isn't supported for WDAC enterprise policies. This rule must be removed before you use the example policy. To use this example policy as a starting point for creating your own policy, see Create a custom base policy using an example WDAC base policy. https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control Also I would say that you need to be running at least Win 10/11 Pro to be able to configure Smart App Control. Edited September 26, 2022 by itman Link to comment Share on other sites More sharing options...
ESET Insiders Trooper 67 Posted September 27, 2022 ESET Insiders Share Posted September 27, 2022 19 hours ago, itman said: Do you have WDAC enabled? https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control Also I would say that you need to be running at least Win 10/11 Pro to be able to configure Smart App Control. I am in eval mode at the moment. I am running Windows 11 22H2 Enterprise. Link to comment Share on other sites More sharing options...
Recommended Posts