Endpoint Protection

  • Private Community
 View Only

 SEP 14.2 explorer.exe unblock for one specific USB device type

Morten Henriksen Gosvig's profile image
Morten Henriksen Gosvig posted Mar 24, 2021 06:20 AM
Hey

I have a problem with our Barco Clickshare devices not being able to automatically start anymore.
We have blocked explorer.exe from running autorun.inf.

My question is, is it possible to make explorer.exe able to read the autorun.inf for a specific device?

I tried to add the following rule to our device control policy - but doesnt seem to make a difference.
BenjaminHare's profile image
BenjaminHare posted Apr 06, 2021 05:59 PM

Try the following exception using your own device type:

  • Match = [^\\]*\\autorun\.inf
  • 🔘 use regular expression matching
  • ☑ Only match files on the following drive types
    • ☑ Removable drive
  • ☑ Only match file on the following device type = USBSTOR\Disk&Ven_SanDisk&Prod_Cruzer_Glide&Rev_1.26\*

Here are a few screenshots.

Edit Application Control Rule Set

Full res image is here.



Detail of rule

Full res image is here.

Let me know if this helps.

Edited formatting, clarification.