Blocking IE 8 but not IE 9 with ADC

Created: 27 Feb 2013 | 1 comment

landmissle

What is the best way to distinquish between Internet Explorer 8 and Internet Explorer 9 so that I can effectively block IE 8, but allow the use of IE 9 with Application and Device Control in SEP. I don't think using checksum.exe and hashes will work will because of the multiple versions of IE 8 and IE 9 that exists (variations due to patches and such). Certainly using the process name or appliation path won't work because they are the same.

Any ideas?

Thank you in advance!

Operating Systems:

Windows 7

Discussion Filed Under:

Security, Endpoint Protection (AntiVirus) - 12.x, Endpoint Protection (AntiVirus), Windows 7

Login or register to post comments
Comments RSS Feed

Comments 1 Comment • Jump to latest comment

Brian81 Trusted Advisor

Blocking IE 8 but not IE 9 with ADC - Comment:27 Feb 2013 : Link

The best option would be to use hash blocking. I'm not sure there is an easier way with ADC. Does the hash actually change when IE is patched? I'm not sure iexplore.exe changes but only when new versions are released. Only files used by IE may change with a patch but not iexplore.exe.

SEP Knowledge Base

Endpoint SWAT

Blocking IE 8 but not IE 9 with ADC

Comments 1 Comment • Jump to latest comment

Would you like to reply?

Links