GoToAssist_Corporate_Customer.exe tries to expand iteself to %TEMP% and run code from there. For security reason this is not allowed (AppLocker). All Programs have to run from "C:\Program Files...".
Does anyone know how to handle this?
Solved! Go to Solution.
Hi @ThiloL
I believe AppLocker allows you to create exceptions for specific signed applications. You should be able to create an exception to allow the signed GoToAssist software to run while it continues to block everything else.
@ThiloL If you are referencing the first time client download, then I'm afraid the AppData folder is required to finalize the install:
C:\Users\(User)\AppData\Local\LogMeIn
C:\Users\(User)\AppData\Local\Temp\LogMeIn
C:\Users\(User)\AppData\Local\Temp\LogMeInLogs
This opens a security hole, because from then untrusted code is executable in this folders. Why I cannot preexpand this stuff and place under "c:\program files"?
Hi @ThiloL
I believe AppLocker allows you to create exceptions for specific signed applications. You should be able to create an exception to allow the signed GoToAssist software to run while it continues to block everything else.
This might be a solution. But I have to establish an maintain an exception in my AppLocker-stuff. I would like to see, that the self-extarcting stuff goes away und I can deploy a customer client on a regular basis. As every other software.
Mark it as a solution if you want.