Disabling 16-bit programs

's Computer Specifications

How do I setup up XP to prevent the execution of 16 bit
exe files and/or dlls?

's Computer Specifications

Hi Steven,

Thanks for your reply. Unfortunately, restricting
command.com and cmd.exe does not necessarily prevent 16-
bit exes from running.

I want to prevent 32-bit programs from doing a
CreateProcess to launch a 16-bit exe.

Regards,
Peter

>-----Original Message-----
>Hi Peter,
>
>We can use the steps in the article to restrict to run
command.com and
>cmd.exe.
>
>310791 Description of the Software Restriction Policies
in Windows XP
>http://support.microsoft.com/?id=310791
>
>Thanks for using Microsoft News Group!
>
>Sincerely,
>
>Steven Liu
>
>Microsoft Online Partner Support
>
>MCSE 2000
>
>Get Secure! ¨C www.microsoft.com/security
>
>This posting is provided ¡°as is¡± with no warranties
and confers no rights.
>--------------------
>| Content-Class: urn:content-classes:message
>| From: "Peter Cheesewright" <(E-Mail Removed)>
>| Sender: "Peter Cheesewright" <(E-Mail Removed)>
>| Subject: Disabling 16-bit programs
>| Date: Mon, 11 Aug 2003 09:15:59 -0700
>| Lines: 2
>| Message-ID: <010801c36023$da1e5a50$(E-Mail Removed)>
>| MIME-Version: 1.0
>| Content-Type: text/plain;
>| charset="iso-8859-1"
>| Content-Transfer-Encoding: 7bit
>| X-Newsreader: Microsoft CDO for Windows 2000
>| X-MIMEOLE: Produced By Microsoft MimeOLE
V5.50.4910.0300
>| Thread-Index: AcNgI9oe56XBJFxISG+5C9bFpceuaw==
>| Newsgroups: microsoft.public.windowsxp.security_admin
>| Path: cpmsftngxa06.phx.gbl
>| Xref: cpmsftngxa06.phx.gbl
microsoft.public.windowsxp.security_admin:72338
>| NNTP-Posting-Host: TK2MSFTNGXA11 10.40.1.163
>| X-Tomcat-NG: microsoft.public.windowsxp.security_admin
>|
>| How do I setup up XP to prevent the execution of 16
bit
>| exe files and/or dlls?
>|
>
>.
>

's Computer Specifications

's Computer Specifications

's Computer Specifications

's Computer Specifications

Hi Peter,

If the user is the local user, we also can set the NTFS permission of the 3
files of the user. We can remove all permission of the 3 files to the other
user.

Then, the other users are unable to run the 16-bit applications.

Thanks for using Microsoft News Group!

Sincerely,

Steven Liu

Microsoft Online Partner Support

MCSE 2000

Get Secure! ¨C www.microsoft.com/security

This posting is provided ¡°as is¡± with no warranties and confers no rights.
--------------------
| Content-Class: urn:content-classes:message
| From: "Peter Cheesewright" <(E-Mail Removed)>
| Sender: "Peter Cheesewright" <(E-Mail Removed)>
| References: <010801c36023$da1e5a50$(E-Mail Removed)>
<(E-Mail Removed)>
<03e501c360ad$e0cfcf70$(E-Mail Removed)>
<4Md$(E-Mail Removed)>
| Subject: RE: Disabling 16-bit programs
| Date: Fri, 15 Aug 2003 06:29:48 -0700
| Lines: 134
| Message-ID: <0d8d01c36331$4ca69a00$(E-Mail Removed)>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: quoted-printable
| X-Newsreader: Microsoft CDO for Windows 2000
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Thread-Index: AcNjMUymrlDOsE9wRG6qe7ALNpp3Mw==
| Newsgroups: microsoft.public.windowsxp.security_admin
| Path: cpmsftngxa06.phx.gbl
| Xref: cpmsftngxa06.phx.gbl microsoft.public.windowsxp.security_admin:75404
| NNTP-Posting-Host: TK2MSFTNGXA09 10.40.1.161
| X-Tomcat-NG: microsoft.public.windowsxp.security_admin
|
| Following my earlier posting today:
| I have succeeded in getting it to not run command.com and
| cmd.exe. However, Disallowing ntvdm.exe has not stopped
| it running DOS programs or executing (via CreateProcess)
| a 16-bit program from within a 32-bit windows program.
| If I run a DOS program, ntvdm.exe is in the Task
| Manager's list of running processes.
| Any help would be appreciated.
| Regards,
| Peter
| >-----Original Message-----
| >Hi Peter,
| >
| >We also need to restrict the Ntvdm.exe (Virtual DOS
| Machine). Then, the
| >16-bit application won't run.
| >
| >Thanks for using Microsoft News Group!
| >
| >Sincerely,
| >
| >Steven Liu
| >
| >Microsoft Online Partner Support
| >
| >MCSE 2000
| >
| >Get Secure! ¨C www.microsoft.com/security
| >
| >This posting is provided ¡°as is¡± with no warranties
| and confers no rights.
| >--------------------
| >| Content-Class: urn:content-classes:message
| >| From: "Steven Liu" <(E-Mail Removed)>
| >| Sender: "Steven Liu" <(E-Mail Removed)>
| >| References: <010801c36023$da1e5a50$(E-Mail Removed)>
| ><(E-Mail Removed)>
| >| Subject: RE: Disabling 16-bit programs
| >| Date: Tue, 12 Aug 2003 01:44:01 -0700
| >| Lines: 68
| >| Message-ID: <03e501c360ad$e0cfcf70$(E-Mail Removed)>
| >| MIME-Version: 1.0
| >| Content-Type: text/plain;
| >| charset="iso-8859-1"
| >| Content-Transfer-Encoding: quoted-printable
| >| X-Newsreader: Microsoft CDO for Windows 2000
| >| X-MimeOLE: Produced By Microsoft MimeOLE
| V5.50.4910.0300
| >| Thread-Index: AcNgreDPZY7CfO5qTreXdDs9xPM0wA==
| >| Newsgroups: microsoft.public.windowsxp.security_admin
| >| Path: cpmsftngxa06.phx.gbl
| >| Xref: cpmsftngxa06.phx.gbl
| microsoft.public.windowsxp.security_admin:72762
| >| NNTP-Posting-Host: TK2MSFTNGXA08 10.40.1.160
| >| X-Tomcat-NG: microsoft.public.windowsxp.security_admin
| >|
| >| Hi Steven,
| >| Thanks for your reply. Unfortunately, restricting
| >| command.com and cmd.exe does not necessarily prevent
| 16-
| >| bit exes from running.
| >| I want to prevent 32-bit programs from doing a
| >| CreateProcess to launch a 16-bit exe.
| >| Regards,
| >| Peter
| >| >-----Original Message-----
| >| >Hi Peter,
| >| >
| >| >We can use the steps in the article to restrict to
| run
| >| command.com and
| >| >cmd.exe.
| >| >
| >| >310791 Description of the Software Restriction
| Policies
| >| in Windows XP
| >| >http://support.microsoft.com/?id=310791
| >| >
| >| >Thanks for using Microsoft News Group!
| >| >
| >| >Sincerely,
| >| >
| >| >Steven Liu
| >| >
| >| >Microsoft Online Partner Support
| >| >
| >| >MCSE 2000
| >| >
| >| >Get Secure! ¨C www.microsoft.com/security
| >| >
| >| >This posting is provided ¡°as is¡± with no warranties
| >| and confers no rights.
| >| >--------------------
| >| >| Content-Class: urn:content-classes:message
| >| >| From: "Peter Cheesewright" <(E-Mail Removed)>
| >| >| Sender: "Peter Cheesewright" <(E-Mail Removed)>
| >| >| Subject: Disabling 16-bit programs
| >| >| Date: Mon, 11 Aug 2003 09:15:59 -0700
| >| >| Lines: 2
| >| >| Message-ID: <010801c36023$da1e5a50$(E-Mail Removed)>
| >| >| MIME-Version: 1.0
| >| >| Content-Type: text/plain;
| >| >| charset="iso-8859-1"
| >| >| Content-Transfer-Encoding: 7bit
| >| >| X-Newsreader: Microsoft CDO for Windows 2000
| >| >| X-MIMEOLE: Produced By Microsoft MimeOLE
| >| V5.50.4910.0300
| >| >| Thread-Index: AcNgI9oe56XBJFxISG+5C9bFpceuaw==
| >| >| Newsgroups:
| microsoft.public.windowsxp.security_admin
| >| >| Path: cpmsftngxa06.phx.gbl
| >| >| Xref: cpmsftngxa06.phx.gbl
| >| microsoft.public.windowsxp.security_admin:72338
| >| >| NNTP-Posting-Host: TK2MSFTNGXA11 10.40.1.163
| >| >| X-Tomcat-NG:
| microsoft.public.windowsxp.security_admin
| >| >|
| >| >| How do I setup up XP to prevent the execution of 16
| >| bit
| >| >| exe files and/or dlls?
| >| >|
| >| >
| >| >.
| >| >
| >|
| >
| >.
| >
|

Thread Tools
Show Printable Version Email this Page
Rate This Thread
Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
disabling programs	=?Utf-8?B?Q2VsZQ==?=	Microsoft Windows 2000	1	28th Dec 2005 08:54 PM
Disabling all programs	Dwight	Windows XP Internet Explorer	1	20th Jan 2004 04:43 PM
Re: Disabling Startup Programs	Rick \Nutcase\ Rogers	Windows XP Basics	0	7th Aug 2003 11:35 AM
Disabling programs	Erik	Windows XP Performance	1	6th Jul 2003 12:15 PM
disabling programs in XP?	Barrie	Windows XP Basics	2	2nd Jul 2003 07:48 PM