Russinovich rescues the TechEd 2009 Windows 7
BetaNews | at | by Mike
Software News BetaNews > Software --> It's Windows 7's new AppLocker feature, which he calls "SRP [software restriction policy on steroids.
"Think of it as a firewall but at the kernel level: When enabled in a network environment, by default, AppLocker disables any application from running that isn't recognized as part of Windows. That, by itself, isn't something anyone would want; so using group policy or using Local Security Policy at the client level a user or admin can program exceptions to this default rule. Those exceptions can monitor the operating system for metadata pertaining to running applications, enabling selected software to run even after it's been upgraded.