How is sha256 calculated on "Application control" "Target SHA256"
On Windows 11 have
certutil -hashfile "C:\Windows\write.exe" sha1
SHA1 hash of C:\Windows\write.exe:
a6deac3526d77005c62184ad3e8d9e615a0f511f
CertUtil: -hashfile command completed successfully.
On apllication control i have:
And it works:
But if i make
certutil -hashfile "C:\Windows\write.exe" sha256
SHA256 hash of C:\Windows\write.exe:
82e903f055e7f93b403c3758650c0f89a73716dd1b7d1add120b9336a00b8958
CertUtil: -hashfile command completed successfully.
On apllication control i have:
and it does not work, write.exe is not blocked.
So how does the sha256 works?
Answers
-
Hi @Nmjaat,
Thank you for reaching out through the Community!
I've spoken to a member of our Windows Security team, who has informed me that it is not blocked because sha256 is not yet globally enabled due to low coverage in Security Cloud.
Rest assured that this will be enabled in the near future, however, unfortunately I do not have a timeframe at this time.
If you would like, we can we can manually change your systems to sha256 world.
Please do get back to me if this would be a suitable solution for you.
Thanks for your patience!
Liselotte
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support