I am new user of CIS, latest version. It surprises me that in the settings for Trusted application (predefined policy) I see that the only 2 options available to run executable are Ask and Block. No Allow option is available. Is it normal?
I use Total Commander as shell, and often use it to run executables (downloaded freewares for example). It is annoying that each time (at least for new executable) I need to confirm and memorize an authorization popup.
It is the same problem when using for example Opera as browser. When I start downloading an executable, even if Opera is set to Trusted application, I have to confirm that Opera has the right to create this executable (the downloaded exe).
Thank you for your input, but the problem is that in modify policy for Trusted application, there are only 2 radio buttons, one for Ask, one for Block. There is no third radio button for Allow (as in other usual entries). So I cannot explicitly decide to allow run executable for Trusted application!
I would not want my web browser or e-mail client to have un-restricted access to run any executable without asking. Simple reason is I want to know if its a BOT program being forced on me or just an active x update to display the web page correctly.
Allowing your web browser to ‘just do it’ opens your system to way too many avenues of getting viruses or worse. Having the pop-up is your best chance to choose what you want to run or deny. Thats the advantage of the default deny but also the price you get to pay. I like the price of admission. Keeps the rent low and the bugs out.