Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog
The Non-Admin blog - running with least privilege on the desktop... and then dealing with the application compatibility fallout... and using Sysinternals and other utilities to figure things out
My last blog post on this platform
The content on Microsoft's MSDN and TechNet blog platforms will soon become read-only. So, this is...
Date: 06/19/2019
"AaronLocker" big perf and feature updates (17 June 2019)
(On the 15th anniversary of my first blog posts...) Performance improvements in the "AaronLocker"...
Date: 06/17/2019
"AaronLocker" updates (22 May 2019)
Always handles Portable Executable files even with non-standard extensions such as .tmp and...
Date: 05/22/2019
“AaronLocker” updates (13 May 2019)
Hot on the heels of yesterday's changes, "AaronLocker" now handles EXE and DLL files with...
Date: 05/14/2019
"AaronLocker" updates (12 May 2019)
Just committed some changes to the "AaronLocker" repo on GitHub and its documentation. Changes...
Date: 05/12/2019
"AaronLocker" videos on YouTube
7 minute "Intro to 'AaronLocker'," a set of PowerShell scripts that automate AppLocker-related tasks...
Date: 02/22/2019
"AaronLocker" moved to GitHub
"AaronLocker" is a robust, practical, and free PowerShell-based application whitelisting solution...
Date: 01/28/2019
"AaronLocker" update (v0.91) -- and see "AaronLocker" in action on Channel 9!
"AaronLocker" is a robust, practical, PowerShell-based application whitelisting solution for...
Date: 10/11/2018
ANNOUNCING: Application whitelisting with "AaronLocker"
[Update 11 Oct 2018: "AaronLocker" v0.91 released] Announcing the pre-release (v0.9) of...
Date: 06/26/2018
The Case of the Reverting Office Theme (resolved with a long-running Procmon trace)
Several times a day, all my Office apps kept reverting to the default “Colorful” theme, even though...
Date: 08/14/2017
Troubleshooting with the Windows Sysinternals Tools - now available!
Over three years ago, I announced that Mark Russinovich and I had signed a contract with Microsoft...
Date: 10/24/2016
LUA Buglight 2.3, with support for Windows 8.1 and Windows 10
LUA Buglight is a utility for identifying admin-permissions issues (a.k.a., "LUA bugs") in desktop...
Date: 06/30/2015
LUA Buglight 2.3 PREVIEW -- Feedback requested
LUA Buglight is a utility for identifying admin-permissions issues ("LUA bugs") in desktop...
Date: 06/22/2015
Local Administrator Password Solution, at Ignite
Last Friday, Microsoft announced the release of the Local Administrator Password Solution, which...
Date: 05/05/2015
It rather involved being on the other side of this airtight hatchway: Unquoted service paths
Or, Why most "Unquoted Service Paths" findings are unnecessarily alarmist In late 2012, the issue of...
Date: 11/14/2014
Interviewed on "Taste of Premier" about Security Guidance for Windows 8.1, Windows Server 2012 R2 and IE 11
Aaron Margosis interviewed on Channel 9's Taste of Premier about Security Guidance for Windows 8.1,...
Date: 10/21/2014
The Case of the App Install Recorder
Adapted from the forthcoming book, Troubleshooting with the Windows® Sysinternals Tools, by Mark...
Date: 09/04/2014
Security baselines for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11 – FINAL
Microsoft has published its security guidance and baselines for Windows 8.1, Windows Server 2012 R2...
Date: 08/15/2014
Sysinternals at TechEd US 2014: LIVE
Sorry for the late notice, but I just saw this: Sysinternals Primer: TechEd 2014 Edition will be...
Date: 05/13/2014
Sysinternals at TechEd US 2014
I'll be presenting "TWC: Sysinternals Primer: TechEd 2014 Edition" in Houston, Tuesday, May 13,...
Date: 05/01/2014
Security baselines for Windows 8.1, Windows Server 2012 R2 and Internet Explorer 11
Although the US Government has not published a US Government Configuration Baseline (USGCB) standard...
Date: 04/07/2014
My Ian MacKaye / Dischord Records interview on WTJU.net
A long time ago, before the introduction of the IBM Personal Computer, I was a DJ at the University...
Date: 04/01/2014
I'll be on Defrag Tools (Channel 9)
Earlier today I finally got the chance to go into the studio to appear on the "Defrag Tools" show on...
Date: 03/06/2014
Speaking at Washington DC IT Pro Camp, Sat. Feb. 22, 2014
Microsoft is pleased to announce the first Washington DC IT Pro Camp on Saturday, February 22 2014...
Date: 02/12/2014
Knowledge Base updates about UAC
I should be working on the Sysinternals book, but there were a couple of KB articles about User...
Date: 01/14/2014
EventCreate and "ERROR: Source parameter is used to identify custom applications/scripts only"
EventCreate.exe is a command line utility that comes with Windows that lets you write events into...
Date: 11/01/2013
Redefining what "Never doing that again" means... Troubleshooting with the Windows Sysinternals Tools, Second Edition
When people asked me what it was like writing a book, I'd invariably answer, "It was a once in a...
Date: 08/29/2013
Sysinternals - and Pass the Hash - at TechEd next week.
There are five talks highlighting the Sysinternals utilities at TechEd North America next week in...
Date: 05/29/2013
Mitigating "Pass the Hash"...
Microsoft's Trustworthy Computing (TWC) has just published a whitepaper, Mitigating Pass-the-Hash...
Date: 12/11/2012
Using NTFS Junctions to Fix Application Compatibility Issues on 64-bit Editions of Windows
Executive Summary This paper describes a simple way to mitigate some types of application...
Date: 12/09/2012
LUA Buglight 2.2 with support for Windows 8
Announcing the release of LUA Buglight 2.2, including support for Windows 8. LUA Buglight is an...
Date: 11/28/2012
The Sysinternals book is available in Russian!
The Windows Sysinternals Administrator's Reference that I co-authored with Mark Russinovich is now...
Date: 11/20/2012
Quoted by Raymond Chen!
It’s one thing to have one's name associated with Mark Russinovich, but quite another to be...
Date: 09/04/2012
"Defrag Tools" - a new Channel 9 series (that will talk a lot about Sysinternals utilities)
My colleague and debug super-guru Andrew Richards sent this announcement out earlier today: Larry...
Date: 08/06/2012
TSSessions utility
Part of my Sysinternals Primer: Gems presentation at TechEd last month covered the topics of...
Date: 07/17/2012
From TechEd: Legacy Web App Issues, Sysinternals Gems, webcast with Mark Russinovich
The two sessions I delivered at TechEd this year are now available online, as is the recording of my...
Date: 07/17/2012
Legacy Web App Security and Sysinternals at TechEd North America + Europe 2012
I'm presenting a couple of sessions at TechEd North America 2012 in Orlando (June 11-14) and at...
Date: 06/06/2012
Interviewed about the Sysinternals book on Let's Talk Computers
Let's Talk Computers ranks as one of the longest-running computer radio talk shows. I enjoyed it...
Date: 03/21/2012
Interviewed on “Bytes by TechNet”
Last May at TechEd US, I sat down for a six-minute interview with Matt Hester about the Windows...
Date: 10/20/2011
Top Ten Deployment Blockers
My colleague Shelly Bird, a highly esteemed Architect in Microsoft Public Sector Services, has years...
Date: 10/18/2011
FAQ: Where Do I Save Files, and How Exactly Do I Do That?
The correct ways to identify folder paths to store files depends on the programming technology you...
Date: 09/25/2011
PrivBar Update
PrivBar is a toolbar I first published over seven years ago (!) for Internet Explorer and Windows...
Date: 09/01/2011
IEInternals Reviews the Sysinternals Book
We have a lot of really smart people at Microsoft, but among those there are a handful who are the...
Date: 08/16/2011
Windows Sysinternals Administrator’s Reference – now available!
Many of you have long wished for comprehensive, detailed documentation of the Sysinternals...
Date: 07/25/2011
Unintended Consequences and Sysinternals at Tech-Ed Available Online
The two sessions I presented last week at Tech-Ed North America 2011 are now available for on-demand...
Date: 05/24/2011
IEZoneAnalyzer updated
I just posted a major update to IEZoneAnalyzer, my IE security zone analysis and comparison utility,...
Date: 04/14/2011
The Case of the Mysterious Law Manager Startup Error
Getting Law Manager v2.4 to run on Windows 7 Overview Several of my customers run old versions...
Date: 04/14/2011
LUA Buglight 2.1.1 with support for Win7/2008R2 SP1
LUA Buglight 2.1.1 is was attached to this blog post and replaces v2.1. It adds support for Windows...
Date: 03/22/2011
Unintended Consequences and Sysinternals at Tech-Ed North America 2011
I'm presenting a couple of sessions at Tech-Ed in Atlanta (May 16-19, 2011): The first is...
Date: 03/09/2011