A software policy makes a powerful addition to Microsoft Windows' malware protection.
In particular, it is more effective against ransomware than traditional approaches to security.
If you know about the Linux 'execute permission' bit then you'll understand what this is for. The mode of operation is somewhat different in that execute permission is granted to folders and subfolders rather than individual files, but the intention is the same, to stop undesirable or unknown software from launching unless you OK it.
Additionally, it is possible to specify that certain executables (typically browsers and email clients) are run with reduced rights. This is a valuable damage-limitation measure against browser plugin vulns, etc.
The protection can be turned off without a reboot whilst installing legitimate software, and will automatically reactivate after a specified time
Features
- Block unintended downloads from running
- Prevent auto-running installs from optical drives
- Disallow programs on USB media from launching
- Determine which software may be launched, and which not.
- Run specified processes with limited priveleges
License
GNU General Public License version 3.0 (GPLv3)Follow Simple Software-restriction Policy
User Reviews
-
Thanks for the great program!
-
It works really well, and appreciate it. Still learning the ins and out, does good job.
-
Yes, it works great :) Hardens the system against malware or apt's activation.