Hi all,
Just to draw everyones attention to a flaw with Symantec Endpoint Protection Application and Device Policy rules - I have "Stop Software Installers [AC8]" enabled in SEPM, and this works well - stopping installations from running. This also stops executable files being saved anywhere (i.e. users documents, downloads etc.). Google Chrome, however, seems to allow users to circumvent this - if one downloads an executable installer in chrome and runs it from the downloads bar at the bottom (NOT the location where it has downloaded to via Windows Explorer - see picture below), the installation will be allowed and the program will install correctly! This even allows executable files to be saved (though SEP kicks in if I were to attempt to make a copy of the file)...
Has anyone else experienced this? If so, any way to fix? Or is it worth logging something with Symantec on this?
Image may be NSFW.
Clik here to view.
Windows 8.1 Professional, SEP Client 12.5337.5000, SEP Manager 12.1.4104.4130
Thanks,
Kim
