Windows users often install anti-virus programs to shield their computers from potential threats. Despite employing such defenses, many still find themselves at the mercy of unforeseen malware attacks. To combat this vulnerability, it’s imperative to adopt more rigorous safety measures. One such precaution is blocking certain folders prone to infection, like Temp and App Data, from executing potentially harmful files. While these steps are crucial, it’s essential to remember that no security measure is foolproof.
Certain operating system folders serve as hotspots for installing, updating, unzipping, and managing software applications, making them susceptible to malware attacks. Notably, “C:\Windows\Temp” is often likened to a hub for various malware threats and viruses. Other vulnerable folders include “%MYPROFILE%/Data/Local/” and its subfolders, as well as “%MYPROFILE%/Data/Roaming/” and its associated directories. These directories don’t merely act as storage; they often need to execute .exe files. To fortify the system’s defenses against malware intrusions, it’s pivotal to block these .exe files from running in high-risk folders on Windows 11 or 10. In the subsequent sections, we’ll delve into the detailed procedures to implement this protective measure.
How to Block EXE Files in Vulnerable Folders from Running in Windows 11 or 10?
The following steps will block .exe files from running on Windows 11 or 10 in Vulnerable Folders:-
Step 1. Open Local Group Policy Editor (Windows 11/10 Home editors are required to enable gpedit.msc in their systems).
Step 2. Once the local group policy editor window opens in your system, follow the path as shown below in the left side pane:-
Computer Configuration > Windows Settings > Security Settings > Software Restriction Policies
Step 3. Right-click in the Software Restriction Policies folder and select New Software Restriction Policies from the pop-up menu.
Step 4. After that selection, Windows will create some new associated/subfolders. Right-click on the Additional Rules and select New Path Rule.
Step 5. At the “New Path Rule” window that appears, enter the steps of the executable file you want to stop from running. It is mandatory to enter file extensions, i.e., *.exe, at the end to block only executable files.
Step 6. Click Apply.
Step 7. Click OK.
We suggest you block the following:-
- C:/Windows/Temp/*.exe
- C:/Windows/Temp/*/*.exe
- %MYPROFILE%/Data/Local/*.exe
- %MYPROFILE%/Data/Local/*/*.exe
- %MYPROFILE%/Data/Roaming/*.exe
- %MYPROFILE%/AppData/Roaming/*/*.exe
These steps will block the executable files vulnerable to malware threats. It will also work on those threats that may come from archive files opened using Windows Zip support.
In some instances, if you want to unblock some .exe files, we need to follow the following steps:-
Step 1. Go to the Security Levels.
Step 2. Select the Unrestricted option in the drop-down menu.
Step 3. Create a “New Path Rule.”
Step 4. Click Apply.
Step 5. Click OK.
Conclusion
Securing Windows operating systems, specifically Windows 10 and 11, is a top priority for users worldwide. By implementing software restriction policies through the Local Group Policy Editor, users can prevent the execution of potentially harmful .exe files in folders prone to malware attacks. Although this measure significantly enhances the system’s security, users should remain vigilant and maintain a multi-layered approach to cybersecurity, recognizing that no single solution is entirely foolproof.
