Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Hard_Configurator Tools
Hard_Configurator - Windows Hardening Configurator
Message
<blockquote data-quote="Andy Ful" data-source="post: 839264" data-attributes="member: 32260"><p><strong><span style="font-size: 18px">Run<span style="color: rgb(184, 49, 47)">As</span>SmartScreen and DLL hijacking.</span></strong></p><p></p><p><span style="font-size: 15px">The purpose of using "Run <span style="color: rgb(184, 49, 47)"><strong>As</strong></span> SmartScreen" is slightly different from "Run <strong><span style="color: rgb(184, 49, 47)">By </span></strong>SmartScreen". The second is intended for opening/running all files which are located in an unsafe location (like USB drives, Download folder, etc.). The first is intended for:</span></p><ul> <li data-xf-list-type="ul">running safely the EXE or MSI installers which are located in unsafe locations,</li> <li data-xf-list-type="ul">running already installed applications to update them without turning off the H_C default-deny protection,</li> <li data-xf-list-type="ul">running Windows administrative tools with admin rights.</li> </ul><p>So, "Run <strong><span style="color: rgb(184, 49, 47)">As</span></strong> SmartScreen" is prepared to work with default-deny setup (<strong>EXE not allowed</strong>) and "Run <span style="color: rgb(184, 49, 47)"><strong>By </strong></span>SmartScreen" works with "<strong>Allow EXE and TMP</strong>".</p><p></p><p>The "Run As SmartScreen" will automatically allow EXE files from whitelisted locations and will show the below alert in the case of detected DLLs:</p><p></p><p>"<em>This file cannot be Run As SmartScreen from the current location. One or more DLL files are in the same location, and this can bypass SmartScreen via DLL hijacking. </em></p><p><em>The file will be executed from another location, without loading the DLL files from the current location.</em></p><p><em></em></p><p><em>Warning.</em></p><p><em>Do not run this file from the current location without using 'Run As SmartScreen' or 'Run By SmartScreen', until you are sure that DLL files in the current location are clean. Please note, that they can be often hidden, except when Windows Explorer is set to show hidden files.</em>"</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 839264, member: 32260"] [B][SIZE=5]Run[COLOR=rgb(184, 49, 47)]As[/COLOR]SmartScreen and DLL hijacking.[/SIZE][/B] [SIZE=4]The purpose of using "Run [COLOR=rgb(184, 49, 47)][B]As[/B][/COLOR] SmartScreen" is slightly different from "Run [B][COLOR=rgb(184, 49, 47)]By [/COLOR][/B]SmartScreen". The second is intended for opening/running all files which are located in an unsafe location (like USB drives, Download folder, etc.). The first is intended for:[/SIZE] [LIST] [*]running safely the EXE or MSI installers which are located in unsafe locations, [*]running already installed applications to update them without turning off the H_C default-deny protection, [*]running Windows administrative tools with admin rights. [/LIST] So, "Run [B][COLOR=rgb(184, 49, 47)]As[/COLOR][/B] SmartScreen" is prepared to work with default-deny setup ([B]EXE not allowed[/B]) and "Run [COLOR=rgb(184, 49, 47)][B]By [/B][/COLOR]SmartScreen" works with "[B]Allow EXE and TMP[/B]". The "Run As SmartScreen" will automatically allow EXE files from whitelisted locations and will show the below alert in the case of detected DLLs: "[I]This file cannot be Run As SmartScreen from the current location. One or more DLL files are in the same location, and this can bypass SmartScreen via DLL hijacking. The file will be executed from another location, without loading the DLL files from the current location. Warning. Do not run this file from the current location without using 'Run As SmartScreen' or 'Run By SmartScreen', until you are sure that DLL files in the current location are clean. Please note, that they can be often hidden, except when Windows Explorer is set to show hidden files.[/I]" [/QUOTE]
Insert quotes…
Verification
Post reply
Top
