Update SpyShelter version 12.7 released

silversurfer

Level 76
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,613
71,858
SpyShelter version 12.7 is live now!

You can find new SpyShelter Silent, Premium and Firewall editions there: Download Page.

For recent Windows releases encryption in console applications is disabled by default due to possible compatibility reasons, it can be enabled on demand however it’s rarely used or desired feature among users.

(free version will be updated in next weeks)

12.7 (12/Oct/2021)
  • Improved support for Windows 11
  • Fixed bug with black screen while OS loading
  • Compatibility fixes
 

ichito

Level 10
Verified
Content Creator
Dec 12, 2013
480
2,785
External monitors are not covered by SpyShelter.
I'm not using more than one monitor/screen but I don't think your opinion is true. The matter can be in marked entry in keystroke encryption settings (it's default option) so it could be interesting to check other settings.

211025101139_1.jpg
 

kC77

Level 1
Aug 16, 2021
25
110
I'm not using more than one monitor/screen but I don't think your opinion is true. The matter can be in marked entry in keystroke encryption settings (it's default option) so it could be interesting to check other settings.

View attachment 261493
i have just tested enabling screen phantom & removing the <system processes> rule and tested again
still only the main display is blacked out when screenshotting.

(i then re-added the <system processes> rule)
 

kC77

Level 1
Aug 16, 2021
25
110
another weird issue ive come across relating to "restricted apps"... not sure if this is expected behaviour? (normally id expect any (non microsoft signed) application that needs internet access gets prompted for) (im in the allow MS mode)

Ive figured out the issue, but not sure if its expected? (appears that using restricted mode is actually less secure?)

if i use MSEDGE in "restricted mode" should any applications EDGE launches then get full internet access without creating additional rules? (seems a security hole when thinking restricted mode is more secure!)


on my work machine we use a MSP remote management platform called Solarwinds N-able, its a website i access using MSEDGE and I had previously had MSEDGE in restricted mode thinking it was more secure, but i found a odd issue, that using the platform, when MSEDGE calls up the software to remote connect to servers, i found it never prompted for anything, the remote software below just launched and worked fine, no rules got created, no pop ups or prompts, nothing in spyshelter, it had just allowed it to run & access the internet.

the path to the executables that EDGE launches is
C:\Users\username\AppData\Local\Take Control Viewer\TakeControlRDViewer.exe


So in restricted mode, yes im more secure in that edge can only write to the specified folders, but its a huge problem if ANY .exe that MSEDGE launches is just granted full access to do what it wants to do

Once i removed MSEDGE from restricted mode, when i click on the remote button, I then correctly got plenty of pop ups asking for rules to be created to TakeControlRDViewer.exe

Is this by design or is this not normal?
 
Last edited:

Jan Willy

Level 7
Jul 5, 2019
316
1,391
another weird issue ive come across relating to "restricted apps"... not sure if this is expected behaviour? (normally id expect any (non microsoft signed) application that needs internet access gets prompted for) (im in the allow MS mode)

Ive figured out the issue, but not sure if its expected? (appears that using restricted mode is actually less secure?)

if i use MSEDGE in "restricted mode" should any applications EDGE launches then get full internet access without creating additional rules? (seems a security hole when thinking restricted mode is more secure!)


on my work machine we use a MSP remote management platform called Solarwinds N-able, its a website i access using MSEDGE and I had previously had MSEDGE in restricted mode thinking it was more secure, but i found a odd issue, that using the platform, when MSEDGE calls up the software to remote connect to servers, i found it never prompted for anything, the remote software below just launched and worked fine, no rules got created, no pop ups or prompts, nothing in spyshelter, it had just allowed it to run & access the internet.

the path to the executables that EDGE launches is
C:\Users\username\AppData\Local\Take Control Viewer\TakeControlRDViewer.exe


So in restricted mode, yes im more secure in that edge can only write to the specified folders, but its a huge problem if ANY .exe that MSEDGE launches is just granted full access to do what it wants to do

Once i removed MSEDGE from restricted mode, when i click on the remote button, I then correctly got plenty of pop ups asking for rules to be created to TakeControlRDViewer.exe

Is this by design or is this not normal?
I assume this has something to do with the location of the exe-file: ...AppData\Local\... This location is excluded from the restriction mode. See the tab Folders with write access in the SS program.

Schermafbeelding 2021-10-25 184717.jpg
 
Last edited:

kC77

Level 1
Aug 16, 2021
25
110
had confirmation from support that its by design .... if you run an app in restricted mode, then any child process that has no rules it spawns will have full access without prompts to everything/internet...

1635245157339.png
 
Last edited by a moderator:
Top