Endpoint Protection

 View Only
  • 1.  Blocks autorun.inf

    Posted May 14, 2020 09:55 AM
    Im managing endpoint security in SEP Cloud (https://sep.securitycloud.symantec.com/) and seems autorun.inf is blocked by following message "The process explorer.exe was blocked from modifying D:\autorun.inf"
    It refers to rule "Autorun.inf_Read File" which is in Device Control policy. However, only option is to allow certain devices, not exactly modifying autorun rule.
    Any suggestions / best practices how to avoid it?



  • 2.  RE: Blocks autorun.inf

    Broadcom Employee
    Posted May 14, 2020 10:36 AM
    I believe this is in the Application Control rules, not Device Control. Have you checked there?

    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------



  • 3.  RE: Blocks autorun.inf

    Posted May 14, 2020 10:48 AM
    Hi,
    There is no such policy as Application control




  • 4.  RE: Blocks autorun.inf

    Broadcom Employee
    Posted May 14, 2020 10:56 AM
    SES may have this as a built in rule that cannot be edited.  May want to open a support case to get confirmation on that.

    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------



  • 5.  RE: Blocks autorun.inf

    Posted May 15, 2020 02:45 AM
    Hi!

    Thanks for advise. Can you share link where support case can be created?


  • 6.  RE: Blocks autorun.inf

    Broadcom Employee
    Posted May 15, 2020 12:58 PM
    https://support.broadcom.com/

    ------------------------------
    John Owens
    Principal Product Support
    Symantec
    United States
    ------------------------------



  • 7.  RE: Blocks autorun.inf

    Posted Oct 26, 2020 11:06 AM
    Any luck with resolving this? Facing the same issue.


  • 8.  RE: Blocks autorun.inf

    Posted Jan 20, 2021 11:44 AM
    Any news on this issue? We are dealing with it as well.