cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

HTML applications not blocked by SolidCore

I am running vbscripts embedded in .hta files and these scripts are not under whitelist.

These scripts are allowed to run on solidified system and I am not seeing any access denied errors generated for these vbscripts.

Why hta files are not blocked by McAfee Application Control ?

6 Replies
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 2 of 7

Re: HTML applications not blocked by SolidCore

I think the simple answer, is because they are not executables - they are "macros" running under mshta.exe.

Highlighted
Level 12
Report Inappropriate Content
Message 3 of 7

Re: HTML applications not blocked by SolidCore

Security Geek,

The scripts are whitelisted with respect to cscript and wscript engines.

Do you know which interpreter is executing these .hta files?

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 7

Re: HTML applications not blocked by SolidCore

mshta.exe runs .hta files...

Highlighted
Level 12
Report Inappropriate Content
Message 5 of 7

Re: HTML applications not blocked by SolidCore

Will need to understand the process tree context then.

For example is the cscript engine still invoked to execute the embedded vbscripts?

In which case, you can add .hta extension to the existing vbscript scripts rule.


Or you can choose to whitelist all .hta files wrt mshta.exe interpreter.

Highlighted
Level 12
Report Inappropriate Content
Message 6 of 7

Re: HTML applications not blocked by SolidCore

Security geek,

You can get this data by running procmon when you lauch the .hta file.

If you need further help, contact support and they can help you with the steps.

Highlighted

Re: HTML applications not blocked by SolidCore

I got the answer I was searching for.

Thank you guys.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community