Security must always be one of the main reasons to be managed regardless of the type of user we are (home or company) since any failure or vulnerability will put at risk not only that information but many other general aspects of the system itself, such as configuration or services. There are several techniques or tasks that put security at risk in Windows 10 and one of the most common is the installation and execution of applications since these may contain malicious code that will affect many system parameters..
In addition, the execution of certain applications can be a productivity problem, especially in corporate environments, since many users can run applications that affect their performance. As administrators we must take the necessary measures so that these users do not run these applications during a work schedule.
No third-party software or large configurations are required in the firewall rules since TechnoWikis will explain in a simple and practical way how to restrict the use of applications or programs in Windows 10..
1. Restrict the use of programs in Windows 10 using the Registry Editor
The Windows 10 registry editor is a central point from which we have the opportunity to apply changes in various system functions both at the general level and at the user level. Before executing this process it is recommended to create a restoration point in case any configuration can go wrong and thus have the possibility of recovering the normal operation of the system.
Step 1
To access the Registry Editor we will use the following key combination and execute the regedit command:
+ R
Step 2
In the editor window we will go to the following route:
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer
Note
In case the Explorer key is not available, we must right click on "Policies" and there select the option "New / Password" and assign the name "Explorer".
Step 2
Now we will right click somewhere in the Explorer key and select the option "New / Value of DWORD (32 bits)":
Step 3
This DWORD value will be called "DisallowRun":
Step 4
Now we double click on this value, or right click / Modify, and in the field "Value information" enter the number 1. Click OK to save the changes.
Step 5
The next step will be to right click on the "Policies" key and there select the "New / Password" route:
Step 6
This new key will be called "DisallowRun":
Step 7
Now we will right click on the DisallowRun key and select the "New / String Value" option:
Step 8
This new value will be called 1:
Step 9
There we double click on this string value and in the "Value information" field we will enter the name of the executable to block:
Step 10
We click on OK to save the changes and when we want to execute this application, we will see the following message. If we want to block more applications, we must create string values ​​in consecutive order (2, 3, 4, etc)
2. Restrict the use of programs in Windows 10 using the GPO Editor
Group policies are other options that we have to manage numerous parameters of both the operating system and its users.
Step 1
To access this editor, we will use the following keys and execute the following command:
+ R
gpedit.msc
Note
This option only applies to Windows 10 Pro and Enterprise editions.
Step 2
Click OK and in the displayed window we go to the following route:
Step 3
In the central console we locate the policy called "Run only specified Windows applications":
Step 4
We double-click on it and in the pop-up window we activate the "Enable" box:
Step 5
The "Show" button is activated, which we will press and in the respective field we will enter the name of the executable to block. Click OK and then click Apply and Accept to save the changes. This process will block this application for all users of the system,
Step 6
If we want to block a program for a single user it will be necessary to add the Group Policy Object Editor plugin to the Microsoft Management Console. To achieve this we will use the following keys and execute the mmc command:
+ R
mmc
Step 7
Press Enter and in the expanded window we will go to the menu "File / Add or remove add-ons" or we can use the following keys:
+ M Ctrl + M
Step 8
In the displayed window, select "Group Policy Object Editor":
Step 9
We click on "Add" and the following window will be displayed:
Step 10
We click on the "Browse" button and in the pop-up window we go to the "Users" tab and there we select the user in which the application will be blocked:
Step 11
Click on OK and we will see the following. There we see the route of that user, we click on the "Finish" button to complete the process.
Step 12
Now it will be possible from there to configure the policies only for that particular user:
Step 13
If we want to save this template for future changes, we will go to the File / Save as menu and store this template in the default path with the extension .msc:
As simple as that, we can block a program especially in Windows 10 without using any third-party application and with the best efficiency and security features.
