Hello, how are you? Welcome back! This time I want to talk to you about security in Windows 10. This has been an aspect of constant debate in the community. Because it is considered that the system leaves gaps that allow unwanted applications to make changes to the system. Microsoft has not remained oblivious to this problem and continues to implement measures to improve the security of its operating system. With this in mind, we’re going to enable and configure AppLocker to block unwanted applications in Windows 10.
Basically, what this tool does is configure rules that can be for all users or a particular group. These rules can be imported or exported, applications can be locked according to the type of files, their scripts, and extensions. As we can see, it will give us total control over what can and cannot be installed. So let’s get on with it.
Configuring security rules in AppLocker
The first thing we have to do is enter in the Local Security Policy editor. With this intention, we need to press the key Windows + R, and in the run box, enter the term secpol.msc.
Once inside the window, follow this path: Security Settings>Application Control Policies>AppLocker
Click on AppLocker, to display the side menu, select Configure rule enforcement
This will open the properties box with the types of rules that can be configured. In this particular case we will select executables rules, but please note that you can choose the ones you want.
Then deploy AppLocker, right-click on Executable Rules and select the option Generate rules automatically.
A configurator will open and we will choose the users to whom the rule will be applied, the folder to analyze and the name of the rules.
In the next window choose the file filtering criteria: by type or by the path.
By pressing next, the rule creation process will start.
Finally, we will see a summary of the rules. Click on create to generate them. Moreover, a warning box will appear, just say yes and the procedure will be ready.
The following table will show the rules created.
Since the rules have been created, we can still edit them by double-clicking and selecting properties.
Configure the Application Identity service
Finally, the rules have been generated, now you only have to configure the Application Identity service. To the end that, just type PowerShell into the search bar to invoke a Windows PowerShell, double click on it to run as administrator and write next command:
sc config appidsvc start=auto
This is it! As you can see enable this tool, it is not very complicated to do, however, it is a great help for the security of our system. So this is it, for now, please don’t miss our Onwcloud Server tutorial on Windows 10