Threat Post

Core Windows Utility Can Be Used to Bypass AppLocker

A researcher has discovered that Windows’ Regsvr32 can be used to download and run JavaScript and VBScript remotely from the Internet, bypassing AppLocker’s whitelisting protections. A core Windows ...
Bleeping Computer

You Can Bypass Windows AppLocker Protection via Rogue Control Panel Items

An attacker or a rogue employee can create and register custom control panel items and use these files to bypass the Windows AppLocker security feature. AppLocker is a security service introduced with ...
CSOonline

Researcher uses Regsvr32 function to bypass AppLocker

A researcher in Colorado has discovered a feature in Regsvr32 that allows an attacker to bypass application whitelisting protections, such as those afforded by Microsoft’s AppLocker. If the technique ...