Device Control not blocking exe files ?

aj

Good day,

I am trying out the device control feature and have disallowed launching exe files from USB sticks (rest of settings remain unchanged so far).
Profile with respective settings is assigned to the device and profile assignment state is up-to-date.

Still able to launch exe files from the USB stick. The stick was used earlier with this PC but if I understand the feature correctly this does not play a role.
What am I missing ?

I found this article
https://community.withsecure.com/en/kb/articles/29565-withsecure-elements-device-control-not-blocking-write-access-or-executable-launching-on-usb-mass-storage-devices

and wondering if it is still valid espc. the names expressed (F-Secure instead of WithSecure).

best regards

Andreas

JamesC

Hi @aj

Thank you for contacting WithSecure Community.

Apologies for the confusion.

Yes, the "F-Secure GateKeeper" registry is still valid.

Just to confirm, you have this setting enabled, correct ? Can you also please lock the padlock as per image below ?

aj

Hi JamesC,

thanks for your reply.

This is the setting effective which should deny the execution of an exe file from an USB stick regardless of the padlock setting, I would assume. Of course only if the main Device Control button is set to ON ;-)

Locking the padlock does not make a difference in the behaviour.

Trying with another stick which was never inserted in the PC so far leads to the desired result and trigger Security Events (#2). Switching back to the first stick (#1) which is already known to the PC allows any exe file to be run from the stick. I did not make any exclusions or other settings regarding this stick. No Security Events came up.

#1

#2

Any idea ?

Regards,
Andreas

JamesC

Hi @aj

If issue persists on newer versions, please submit a support case with WSDiag here - https://www.withsecure.com/en/support/contact-support/email-support