#672 PowerShell *.ps1 allowed exeution + TAM enabled
0.- Enable TAM.
1.- Run the following ps1 script file Hello World.ps1:
Write-Host "Hello World" Write-Host "Press any key to continue ..." $x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
KTS2020 moves it to Low Restricted group and allows execution.
Script ps1 files should be blocked by TAM upon execution. I also reported this issue in previous beta testing and it was fixed... unless the policy to execute ps1 scripts had change?
Operating system: Win 10, x64
System: AMD Athlon II X3 450 @ 3'20Gh, 8GB RAM DDR3, AMD Radeon HD 5670, SSD Samsung pro 850 256GB
Product Version: 20.0.0.+
Product Logs: https://cloud.qainfo.ru/s/5q7XetZseJN1IbZ
Hello, @harlan4096 !
Please run this scenario:
0 - will be great, if you have clean virtual PC and can install product "for the first time"
1 - be sure you have not PS scripts on your desktop (in any folders of desktop, or in "documents")
2 - enable TAM
3 - get your PS script file in ZIP or RAR archive after TAM finish analyze
4 - try to start file with Power Shell
So it should be blocked.
There are some cases, when TAM think you trust app or file, so he doesn't go to server to check privileges — just moves it to "light restriction" automatically.
I just installed new build KTS2020 b713 and enabled TAM, this time I created the ps1 script file after TAM analysis and ran it, and this time the .ps1 script was moved to Low Restricted but blocked upon execution by TAM!