...
- Deny Execute (Blacklist) policies should target specific applications unless being used in conjunction with whitelist policies. Targeting no applications will target all applications with conditions.
- To ensure blacklist policies do not affect system or service applications: from the Arellia Management Console click on Policies, open Policies->Arellia->Application Control->Policies and select your Blacklisting Policy.
- Select they hyperlink next to Exclude Any:
- Then select Arellia->Application Control->Filters->Dynamic Filters->Application Context-> "LocalSystem and Service application" and move that to the right side. Doing so should prevent the blacklist policy from stopping and any Windows Services and Programs from running. This will allow you to update a policy and recover from a bad Deny Execute (blacklist) condition.
...