Dynamic-link libraries (DLLs) store executable code that multiple applications can use. For example, if a developer is creating an application that reads from a database, he might create a DLL that stores the functions that read from the database. Then he can use the same DLL to read from the database using both a Windows client and a Web interface for the database.
By default, AppLocker rules do not apply to DLLs-if an application is allowed to run, it can load any DLL. Typically, this level of security is sufficient. However, AppLocker can be configured to control access to individual DLLs. This makes configuration much more complex, however, and it can significantly reduce performance at run time.
To enforce DLL rules, follow these steps:
- In the GPO Editor, right-click the Computer Configuration\Policies\Windows Settings\
Security Settings\Application Control Policies\AppLocker node and then click Properties.
The AppLocker Properties dialog box appears.
- Click the Advanced tab and then select the Enforce DLL Rule Collection check box.
- Click OK.
Now the DLL Rules node is visible within the AppLocker node in the GPO Editor. Use this node to define DLL rules. Additionally, you can choose to enforce or audit DLL rules from the Enforcement tab of the AppLocker Properties dialog box.
In this tutorial:
- Windows 7 Client Protection
- Understanding the Risk of Malware
- User Account Control in Windows 7
- UAC for Standard Users
- UAC for Administrators
- UAC User Interface
- Secure Desktop
- How Windows Determines Whether an Application Needs Administrative Privileges
- How to Control UAC Using Application Properties
- How UAC Examines the Application Manifest
- UAC Heuristics
- UAC Virtualization
- UAC and Startup Programs
- Compatibility Problems with UAC
- How to Configure UAC
- Group Policy Settings
- Control Panel
- How to Configure Auditing for Privilege Elevation
- Other UAC Event Logs
- Best Practices for Using UAC
- AppLocker Rule Types
- Auditing AppLocker Rules
- DLL Rules
- Custom Error Messages
- Using AppLocker with Windows PowerShell
- Using Windows 7 Defender
- Understanding Windows Defender
- Automatic Scanning
- Real-Time Protection
- Windows Defender Alert Levels
- Understanding Microsoft SpyNet
- Configuring Windows Defender Group Policy
- Configuring Windows Defender on a Single Computer
- How to Determine Whether a Computer Is Infected with Spyware
- Best Practices for Using Windows Defender
- How to Troubleshoot Problems with Unwanted Software
- Network Access Protection