Hi Peter,
If the user is the local user, we can also set the NTFS permissions of the 3
files of the user. We can remove all permissions of the 3 files to the other
user.
Then, the other users are unable to run the 16-bit applications.
Thanks for using Microsoft News Group!
Sincerely,
Steven Liu
Microsoft Online Partner Support
MCSE 2000
Get Secure! – www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
--------------------
| From: "Peter Cheesewright" <[email protected]>
| Sender: "Peter Cheesewright" <[email protected]>
| Subject: RE: Disabling 16-bit programs
| Date: Fri, 15 Aug 2003 06:29:48 -0700
| Newsgroups: microsoft.public.windowsxp.security_admin
|
| Following my earlier posting today:
| I have succeeded in getting it to not run command.com and
| cmd.exe. However, Disallowing ntvdm.exe has not stopped
| it running DOS programs or executing (via CreateProcess)
| a 16-bit program from within a 32-bit windows program.
| If I run a DOS program, ntvdm.exe is in the Task
| Manager's list of running processes.
| Any help would be appreciated.
| Regards,
| Peter
| >-----Original Message-----
| >Hi Peter,
| >
| >We also need to restrict the Ntvdm.exe (Virtual DOS Machine). Then, the
| >16-bit application won't run.
| >
| >Thanks for using Microsoft News Group!
| >
| >Sincerely,
| >
| >Steven Liu
| >
| >Microsoft Online Partner Support
| >
| >MCSE 2000
| >
| >Get Secure! – www.microsoft.com/security
| >
| >This posting is provided "as is" with no warranties and confers no rights.
| >--------------------
| >| From: "Steven Liu" <[email protected]>
| >| Sender: "Steven Liu" <[email protected]>
| >| Subject: RE: Disabling 16-bit programs
| >| Date: Tue, 12 Aug 2003 01:44:01 -0700
| >| Newsgroups: microsoft.public.windowsxp.security_admin
| >|
| >| Hi Steven,
| >| Thanks for your reply. Unfortunately, restricting
| >| command.com and cmd.exe does not necessarily prevent
| >| 16-bit exes from running.
| >| I want to prevent 32-bit programs from doing a
| >| CreateProcess to launch a 16-bit exe.
| >| Regards,
| >| Peter
| >| >-----Original Message-----
| >| >Hi Peter,
| >| >
| >| >We can use the steps in the article to restrict running
| >| >command.com and cmd.exe.
| >| >
| >| >310791 Description of the Software Restriction Policies in Windows XP
| >| >http://support.microsoft.com/?id=310791
| >| >
| >| >Thanks for using Microsoft News Group!
| >| >
| >| >Sincerely,
| >| >
| >| >Steven Liu
| >| >
| >| >Microsoft Online Partner Support
| >| >
| >| >MCSE 2000
| >| >
| >| >Get Secure! – www.microsoft.com/security
| >| >
| >| >This posting is provided "as is" with no warranties and confers no rights.
| >| >--------------------
| >| >| From: "Peter Cheesewright" <[email protected]>
| >| >| Sender: "Peter Cheesewright" <[email protected]>
| >| >| Subject: Disabling 16-bit programs
| >| >| Date: Mon, 11 Aug 2003 09:15:59 -0700
| >| >| Newsgroups: microsoft.public.windowsxp.security_admin
| >| >|
| >| >| How do I set up XP to prevent the execution of 16 bit
| >| >| exe files and/or dlls?
| >| >|
|
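
The NTFS approach suggested in the reply at the top of this thread, as an added PowerShell example that is not part of the original posts. It assumes the three files are ntvdm.exe, command.com and cmd.exe under System32 (the thread does not list them), a hypothetical local account name, and an elevated session that is allowed to edit those ACLs. It adds an explicit Deny entry because a user's access to these files normally comes from group membership rather than from a per-user entry.

```powershell
# Added example: report on, and optionally add, a Deny "Read & Execute" ACE
# for one local account on the files involved in launching 16-bit programs.
param(
    [string]$Account = "$env:COMPUTERNAME\restricteduser",  # hypothetical account name
    [switch]$Apply                                           # without -Apply: report only
)

# Assumption: the "3 files" are these, taken from the rest of the thread.
$targets = 'ntvdm.exe', 'command.com', 'cmd.exe' |
    ForEach-Object { Join-Path $env:SystemRoot "System32\$_" }

$execute = [System.Security.AccessControl.FileSystemRights]::ExecuteFile
$deny = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $Account,
    [System.Security.AccessControl.FileSystemRights]::ReadAndExecute,
    [System.Security.AccessControl.AccessControlType]::Deny)

foreach ($path in $targets) {
    if (-not (Test-Path -LiteralPath $path)) {
        Write-Output "$path : not present, skipped"
        continue
    }

    $acl = Get-Acl -LiteralPath $path

    # Is there already a Deny ACE for this account that covers execution?
    $existing = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Deny' -and
        $_.IdentityReference.Value -eq $Account -and
        ($_.FileSystemRights -band $execute)
    }

    if ($existing) {
        Write-Output "$path : Deny ACE already present for $Account"
    } elseif ($Apply) {
        $acl.AddAccessRule($deny)
        Set-Acl -LiteralPath $path -AclObject $acl
        Write-Output "$path : Deny ACE added for $Account"
    } else {
        Write-Output "$path : no Deny ACE for $Account (re-run with -Apply to add one)"
    }
}
```

Run it without `-Apply` first to see the current state of each file. Denying `cmd.exe` also blocks batch files and logon scripts for that account.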