This is a problem for me too and leaving the opener.exe in the downloads folder is NOT the worst that can happen. My users get an error on the screen which generates a Help Desk call and is totally unacceptable. Like someone else suggested there are other options for webinars so please fix this.
Wow. So its not just me.
Same issue affecting whole enterprise here. We're prob around 6-700 users across maybe 6 sites. No-one can use GoToMeeting.
We whitelisted the desktop app - guess what? It creates a random file in temp.
We thought "That's OK, we'll use the web app instead - guess what? It too creates a random file in temp, this time not a .BAT but a .PSM or similar.
One can only assume that other G2M users on secure networks do not utilise AppLocker; which I'll accept is rather more restrictive than a lot of solutions but, as the Microsoft included and preferred application security tool, is something you'd expect third party WIndows applications to respect.
It would be easier for us to whitelist were it an option to write these temporary files to a directory of our choosing; change 'TEMP' environment for G2M. At least this way we can avoid whitelisting the whole generic WIndows temp area - which does indeed cure the issue but is madness from a security perspectice.
We here are having the same issue. McAfee is set to not allow ANYTHING from within AppData folder, unless we whitelist it. We have 17,000 users globally, and while we are a Cisco WebEx shop for meetings, we get vendors, and outside entities that are a GTM shop and send our users meeting invites. Let me tell you the process we have right now. I have a user that is on a weekly meeting with an outside entity, they have to bring their laptop down to us in IT, or call us and we go down to their office. We have to admin login to the McAfee, disable the entire suite. When user clicks the link given, it's a 200 character file of gibberish text and it won't let them do anything. Once McAfee is disabled, click the link again, and the file is gotomeeting.exe We don't pay for this product, as I found out with the Outlook Plugin thinking that could be a good workaround, it only works if you're a buyer into the GTM workspace, we already pay for WebEx. This is an issue that logs 100 tickets a week GLOBALLY into our system.
@bobby50371 You don't need to have an account with us to setup the desktop software, but you would in order to login with an Outlook plugin.
For administrators trying to whitelist the batch I would suggest a File Hash rule. Obviously this is only good until G2M decides to update their little script, then we get to whitelist it again!
After turning on AppLocker, it is funny/frustrating to see these lame methods that are actually going on in the background. I am no software developer, but is a batch script really the best way to cleanup after yourself? At the least, I could imagine a PowerShell script that is digitally signed. That way when we use a Publisher rule it actually covers everything that the product is going to do on the system.
G2M is not alone when it comes to this type of issue. I've run into numerous things that try to run in the user space unnecessarily. I just wish that by now Devs would start being more aware because I believe that Application Whitelisting (AppLocker or otherwise) is only going to become more prevelant in the future.