Issue:
An application executable is blocked once I enabled the Application Control to block rare and unknown applications. I am working on creating a rule to whitelist the application executable.
However, whitelisting application with "Target file name" used in Application Control rule does not work.
Resolution:
"Target file name" used in the condition for an Application Control rule is not referring to the file name in the target path showing up in Application Control alert.
It is used for the "Original filename" for the application executable. To find out this, you need to do the following:
- Right click on the application executable, and select "Properties".
- Switch to "Details".
- Look into "Original filename".
Alternatively, you can use the condition "Target path" together with the file path for the target application executable.
Article no: 000023905