Home » Security Bloggers Network » How to use AppLocker in Windows 10

How to use AppLocker in Windows 10

by Nitesh Malviya on July 27, 2020

What is AppLocker?

AppLocker is an application whitelisting feature which helps an organization to control what apps and files can be run by the user. AppLocker was first introduced with Windows 7 OS, Windows Server 2008 R2.

AppLocker provides a simple interface to prevent or block an application from running by unintended users. These include Windows Installer Files, executable files, dynamic-link libraries (DLLs), packaged app installers, scripts, packaged apps and so on.

AppLocker overview

AppLocker is inbuilt into Windows OS enterprise-level edition and needs no additional installation onto the system. For standalone systems, rules can be enforced using the Local Security Policy editor (secpol.msc). For a group of computers, it can be done using the Group Policy Management Console.

AppLocker rules

AppLocker is capable of blocking different file types. The following are the types of files AppLocker is capable of blocking.

Executable files like .exe, .com
Windows installer files like .mst, .msi and .msp
Executable files like .bat, .ps1, .cmd, .js and .vbs
DLL executables
Packaged app installers like .appx

Creating AppLocker rules

The following are the steps to create a rule in AppLocker.

Sponsorships Available

Type local security policy and click “Run as Administrator”.

Under Application Control Policies, right-click on Executable Rules under AppLocker as shown.

Click on Default Rules. Default Rules get created, as shown below.

Create New Rule by right-clicking Executable Rules, as shown.

Click Next. Select Deny for denying certain files from getting executed. By default, rules applies to everyone, you can select User or Group as per the need:

Select File Hash, as shown.

Select Browse Folders and navigate to the path for the executable/file you want to deny execution. We will deny Notepad++ from being executed, as shown.