4 Replies Latest reply on Jun 14, 2012 8:44 PM by JoeyMc

    Allowing DLL modification

      We are currently monitoring a group of servers in preparation for enabling Application Control on these systems. On one particular server, it is modifying and solidifying 3 DLL files using the SYSTEM process. If we were to enable Solidcore at this point, it would block this operation from happening. How do you safely allow operations like this without making SYSTEM an updater? An example of the message we see is below.

       

      Server                                   File                                                            Operation               User          Process          Workflow ID

      GENERICSERVER            C:\GenericFolder\Something.dll          File Modified          UserID     SYSTEM          UPDATE_MODE_2