First introduced in Windows 7, Applocker is Microsoft’s application control solution. It works with either blacklists or whitelists of applications. With Applocker, an administrator can create policies that restrict or allow specific applications from being installed or run by users. In the Windows 8 version, Applocker has now evolved to manage both the traditional desktop applications and the new Metro apps. While it is perhaps not as comprehensive as other whitelisting/application Control solutions, it is a step in the right direction. One of the biggest and most glaring differentiators between the Microsoft Applocker solution and other current generation whitelisting/application controls is the lack of support for a trust model for their products or third-party applications. This is important to help reduce the administrative burden of both the implementation and ongoing maintenance of an effective enterprise-wide whitelisting/application control solution.
While not an all-encompassing review of the security features available in Windows 8, in this slideshow, Paul Henry, security and forensic analyst at Lumension, takes a quick look at some of the more noteworthy capabilities in this latest iteration from Microsoft.