.NET 4.7 and AppLocker

If it doesn't fit elsewhere, it goes here
Post Reply
Sandboxie Guru
Sandboxie Guru
Posts: 621
Joined: Fri Nov 13, 2015 4:11 pm

.NET 4.7 and AppLocker

Post by Syrinx » Thu Sep 14, 2017 4:08 pm

I've spent a fair amount of time tracing this issue over the last few days. I first noticed it (in a VM) well over a month ago but I hadn't buckled down to actually solve it until recently. My initial assumptions were that it was related to some recent changes in NTLite and so i spent some time bugging Nuhi about it (a lot) but as it turns out it wasn't related to changes on his end at all! Sorry, sir.

There's now a report opened about it so we'll see (if) how long it takes MS to correct but as it's been reported elsewhere without (so far as I know) the cause being isolated (or a workaround being posted) I felt like sharing some place.

Similar threads:
https://www.tenforums.com/general-suppo ... -user.html

Steps to reproduce:
Tested on Windows 7 x64 Ultimate
1A) Install .NET Framework 4.7 or 1B) Set OnlyUseLatestCLR to 1
2) Use Windows Update and install the latest .NET roll-up available
3) Run gpedit.msc and navigate to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Application Control Policies > AppLocker > Executable Rules
4) Right Click and 'Create New Rule' then on the Permissions page for User or group: choose 'Select...'

Expected Result:
An interface for selecting a different user should open

Actual Result:
SrpUxSnapIn.dll MMC error FX:{8A1A4AD2-7F9F-492C-9E1D-F725E3CBF2F0}

Set OnlyUseLatestCLR to 0 and/or Uninstall .NET 4.7 and re-install 4.6.2 followed by updating it online.

Post Reply

Who is online

Users browsing this forum: No registered users and 12 guests