From 6ed0ff2f5dccde7cfd6864891248f2cec86b90ec Mon Sep 17 00:00:00 2001 From: Violet Hansen Date: Sun, 9 Feb 2025 10:41:53 +0200 Subject: [PATCH] AppControl Manager v.1.8.9.0 (#588) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The AppControl Manager can now be natively installed on non-X64 platforms such as ARM64. It no longer uses MSIX files, it uses MSIXBundle files which include the MSIX files for multiple platforms, making the installation simpler and more straightforward. The Logs page no longer has a file size limit. It will display log files of any size in an optimized and high-performance way. The Logs folder would previous be automatically cleaned up when it reached 100MB. The new limit is now set to 1GB. Removed the color pickers from the Logs page which resulted in the removal of an extra dependency package from the application. They were used to control the logs text color and highlight color which are no longer needed. Now, the text color is defined by your OS theme which makes it more accessible and readable, and the highlight color is defined by your OS accent color. Significantly improved the search experience in the Logs page. FilePath or Wildcard FilePath rules are no longer created for kernel-mode files because only user-mode files can be allowed/denied via File Path. Using FilePath rules for kernel-mode files simply has no effect. ✨You can now effortlessly swap any deployed policy in the System Information page. For example, if you have the "Allow Microsoft" policy deployed and you want to change it instantly to "Default Windows", you can select "Default Windows" from the dropdown menu and confirm the action. All of the supplemental policies associated with that base policy will continue to work. At the moment this feature only works for unsigned policies and will cover signed policies in a future version. In the MDE Advanced Hunting page, added a new section where you can view query examples that generate standard logs compatible with the AppControl Manager, as suggested here. --- AppControl Manager/App.xaml | 65 ++++++ AppControl Manager/AppControl Manager.csproj | 1 - .../SigningDetailsDialog.xaml | 14 -- .../SigningDetailsDialogForRemoval.xaml | 16 +- .../packageManagement.cs | 0 AppControl Manager/Main/BasePolicyCreator.cs | 113 +++++++++-- AppControl Manager/MainWindow.xaml.cs | 4 +- AppControl Manager/Others/GlobalVars.cs | 2 +- AppControl Manager/Others/Logger.cs | 4 +- .../Pages/AllowNewApps/AllowNewApps.xaml | 2 +- .../AllowNewAppsEventLogsDataGrid.xaml | 13 -- .../AllowNewAppsLocalFilesDataGrid.xaml | 12 -- .../Pages/AllowNewApps/AllowNewAppsStart.xaml | 12 +- .../Pages/BuildNewCertificate.xaml | 28 +-- .../Pages/ConfigurePolicyRuleOptions.xaml | 22 +- .../Pages/CreateDenyPolicy.xaml | 23 --- ...eDenyPolicyFilesAndFoldersScanResults.xaml | 12 -- AppControl Manager/Pages/CreatePolicy.xaml | 17 -- AppControl Manager/Pages/CreatePolicy.xaml.cs | 48 +---- .../Pages/CreateSupplementalPolicy.xaml | 23 --- ...entalPolicyFilesAndFoldersScanResults.xaml | 12 -- AppControl Manager/Pages/Deployment.xaml | 26 --- .../Pages/EventLogsPolicyCreation.xaml | 53 +---- .../Pages/GetSecurePolicySettings.xaml | 12 -- AppControl Manager/Pages/Logs.xaml | 57 +++--- AppControl Manager/Pages/Logs.xaml.cs | 191 ++++++------------ .../Pages/MDEAHPolicyCreation.xaml | 108 +++++----- .../Pages/MDEAHPolicyCreation.xaml.cs | 100 +++++++++ AppControl Manager/Pages/MergePolicies.xaml | 20 -- AppControl Manager/Pages/Settings.xaml | 16 -- AppControl Manager/Pages/Simulation.xaml | 12 -- .../Pages/StrictKernelPolicyScanResults.xaml | 12 -- .../SystemInformation/CodeIntegrityInfo.xaml | 1 - .../ViewCurrentPolicies.xaml | 19 +- .../ViewCurrentPolicies.xaml.cs | 179 ++++++++++++++++ AppControl Manager/Pages/Update.xaml | 14 -- AppControl Manager/Pages/Update.xaml.cs | 167 +++++++-------- .../Pages/UpdatePageCustomMSIXPath.xaml | 26 +-- .../Pages/UpdatePageCustomMSIXPath.xaml.cs | 13 +- AppControl Manager/Pages/ValidatePolicy.xaml | 14 -- .../Pages/ViewFileCertificates.xaml | 26 --- AppControl Manager/XMLOps/NewFilePathRules.cs | 23 +-- AppControl Manager/XMLOps/SetCiPolicyInfo.cs | 29 ++- .../XMLOps/SignerAndHashBuilder.cs | 16 +- AppControl Manager/exclusion.dic | 14 +- .../AppControl Manager/AppControl Manager.md | 17 +- ...Create Policy From MDE Advanced Hunting.md | 2 + .../AppControl Manager/System Information.md | 6 + Wiki posts/AppControl Manager/Update.md | 2 +- 49 files changed, 762 insertions(+), 856 deletions(-) rename AppControl Manager/{Others => Excluded Code}/packageManagement.cs (100%) diff --git a/AppControl Manager/App.xaml b/AppControl Manager/App.xaml index 17d5afa08..72ad35c6d 100644 --- a/AppControl Manager/App.xaml +++ b/AppControl Manager/App.xaml @@ -3,6 +3,7 @@ x:Class="AppControlManager.App" xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" + xmlns:animations="using:CommunityToolkit.WinUI.Animations" xmlns:local="using:AppControlManager"> @@ -11,6 +12,70 @@ + + + + + 4 + + + + + + + + + + + + + + + + + + + + + + + diff --git a/AppControl Manager/AppControl Manager.csproj b/AppControl Manager/AppControl Manager.csproj index f68fc3017..641584b3e 100644 --- a/AppControl Manager/AppControl Manager.csproj +++ b/AppControl Manager/AppControl Manager.csproj @@ -137,7 +137,6 @@ - diff --git a/AppControl Manager/CustomUIElements/SigningDetailsDialog.xaml b/AppControl Manager/CustomUIElements/SigningDetailsDialog.xaml index c239c9fe4..a2c3ba8af 100644 --- a/AppControl Manager/CustomUIElements/SigningDetailsDialog.xaml +++ b/AppControl Manager/CustomUIElements/SigningDetailsDialog.xaml @@ -20,20 +20,6 @@ BorderBrush="{ThemeResource AccentFillColorDefaultBrush}"> - - - - 4 - - - - 2000 diff --git a/AppControl Manager/CustomUIElements/SigningDetailsDialogForRemoval.xaml b/AppControl Manager/CustomUIElements/SigningDetailsDialogForRemoval.xaml index dbbbfbace..e6abacaf0 100644 --- a/AppControl Manager/CustomUIElements/SigningDetailsDialogForRemoval.xaml +++ b/AppControl Manager/CustomUIElements/SigningDetailsDialogForRemoval.xaml @@ -18,22 +18,8 @@ CornerRadius="8" Style="{ThemeResource DefaultContentDialogStyle}" BorderBrush="{ThemeResource AccentFillColorDefaultBrush}"> - + - - - - 4 - - - - 2000 diff --git a/AppControl Manager/Others/packageManagement.cs b/AppControl Manager/Excluded Code/packageManagement.cs similarity index 100% rename from AppControl Manager/Others/packageManagement.cs rename to AppControl Manager/Excluded Code/packageManagement.cs diff --git a/AppControl Manager/Main/BasePolicyCreator.cs b/AppControl Manager/Main/BasePolicyCreator.cs index abae54fbc..d5eca665d 100644 --- a/AppControl Manager/Main/BasePolicyCreator.cs +++ b/AppControl Manager/Main/BasePolicyCreator.cs @@ -240,7 +240,7 @@ internal sealed class DriverBlockListInfo } catch (Exception ex) { - Logger.Write($"An error occurred: {ex.Message}"); + Logger.Write($"An error occurred while retrieving additional information related to the Microsoft recommended driver block rules: {ex.Message}"); // Return null in case of an error return null; @@ -380,7 +380,7 @@ internal static void GetDriversBlockRules(string StagingArea) /// /// /// - internal static void BuildAllowMSFT(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy) + internal static void BuildAllowMSFT(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy, string? PolicyIDToUse = null) { string policyName; @@ -403,8 +403,9 @@ internal static void BuildAllowMSFT(string StagingArea, bool IsAudit, ulong? Log // Final Policy Path string finalPolicyPath = Path.Combine(GlobalVars.UserConfigDir, $"{policyName}.xml"); - // Get/Deploy the block rules - GetBlockRules(StagingArea, deploy); + // Get/Deploy the block rules if this base policy is not being swapped + if (PolicyIDToUse is null) + GetBlockRules(StagingArea, deploy); Logger.Write("Copying the AllowMicrosoft.xml from Windows directory to the Staging Area"); @@ -415,13 +416,19 @@ internal static void BuildAllowMSFT(string StagingArea, bool IsAudit, ulong? Log // Get the policy ID of the policy being created string policyID = SetCiPolicyInfo.Set(tempPolicyPath, true, $"{policyName} - {DateTime.Now.ToString("MM-dd-yyyy", CultureInfo.InvariantCulture)}", null, null); + if (PolicyIDToUse is not null) + { + policyID = PolicyIDToUse; + } + + if (deployAppControlSupplementalPolicy == true) { // Supply the policy ID of the policy being deployed to this method SupplementalForSelf.Deploy(StagingArea, policyID); } - SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0")); + SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0"), PolicyIDToUse); CiRuleOptions.Set( tempPolicyPath, @@ -460,7 +467,7 @@ internal static void BuildAllowMSFT(string StagingArea, bool IsAudit, ulong? Log /// /// /// - internal static void BuildDefaultWindows(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy) + internal static void BuildDefaultWindows(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy, string? PolicyIDToUse = null) { string policyName; @@ -483,8 +490,9 @@ internal static void BuildDefaultWindows(string StagingArea, bool IsAudit, ulong // Final Policy Path string finalPolicyPath = Path.Combine(GlobalVars.UserConfigDir, $"{policyName}.xml"); - // Get/Deploy the block rules - GetBlockRules(StagingArea, deploy); + // Get/Deploy the block rules if this base policy is not being swapped + if (PolicyIDToUse is null) + GetBlockRules(StagingArea, deploy); Logger.Write("Copying the DefaultWindows.xml from Windows directory to the Staging Area"); @@ -495,13 +503,20 @@ internal static void BuildDefaultWindows(string StagingArea, bool IsAudit, ulong // Get the policy ID of the policy being created string policyID = SetCiPolicyInfo.Set(tempPolicyPath, true, $"{policyName} - {DateTime.Now.ToString("MM-dd-yyyy", CultureInfo.InvariantCulture)}", null, null); + + if (PolicyIDToUse is not null) + { + policyID = PolicyIDToUse; + } + + if (deployAppControlSupplementalPolicy == true) { // Supply the policy ID of the policy being deployed to this method SupplementalForSelf.Deploy(StagingArea, policyID); } - SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0")); + SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0"), PolicyIDToUse); CiRuleOptions.Set( tempPolicyPath, @@ -638,7 +653,7 @@ internal static void GetBlockRules(string StagingArea, bool deploy) /// /// /// - internal static void BuildSignedAndReputable(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy) + internal static void BuildSignedAndReputable(string StagingArea, bool IsAudit, ulong? LogSize, bool deploy, bool RequireEVSigners, bool EnableScriptEnforcement, bool TestMode, bool? deployAppControlSupplementalPolicy, string? PolicyIDToUse = null) { string policyName; @@ -661,8 +676,9 @@ internal static void BuildSignedAndReputable(string StagingArea, bool IsAudit, u // Final policy XML path string finalPolicyPath = Path.Combine(GlobalVars.UserConfigDir, $"{policyName}.xml"); - // Get/Deploy the block rules - GetBlockRules(StagingArea, deploy); + // Get/Deploy the block rules if this base policy is not being swapped + if (PolicyIDToUse is null) + GetBlockRules(StagingArea, deploy); Logger.Write("Copying the AllowMicrosoft.xml from Windows directory to the Staging Area"); @@ -683,12 +699,19 @@ internal static void BuildSignedAndReputable(string StagingArea, bool IsAudit, u // Get the policyID of the policy being created string policyID = SetCiPolicyInfo.Set(tempPolicyPath, true, $"{policyName} - {DateTime.Now.ToString("MM-dd-yyyy", CultureInfo.InvariantCulture)}", null, null); + + if (PolicyIDToUse is not null) + { + policyID = PolicyIDToUse; + } + + if (deployAppControlSupplementalPolicy == true) { SupplementalForSelf.Deploy(StagingArea, policyID); } - SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0")); + SetCiPolicyInfo.Set(tempPolicyPath, new Version("1.0.0.0"), PolicyIDToUse); if (deploy) @@ -709,6 +732,70 @@ internal static void BuildSignedAndReputable(string StagingArea, bool IsAudit, u MainWindow.Instance.AssignToSidebar(finalPolicyPath); } + + /// + /// Creates and deploys the Strict Kernel-mode base policy + /// Since this is only Kernel-mode, we don't need to deploy the special AppControl Manager supplemental policy + /// + /// + /// + /// + /// + internal static void BuildStrictKernelMode(string StagingArea, bool IsAudit, bool NoFlightRoots, bool deploy, string? PolicyIDToUse = null) + { + + string fileName = NoFlightRoots ? "StrictKernelMode_NoFlightRoots" : "StrictKernelMode"; + + // Path of the policy file in the staging area + string policyPath = Path.Combine(StagingArea, $"{fileName}.xml"); + + // path of the policy in the app's resources directory + string policyPathInResourcesDir = Path.Combine(AppContext.BaseDirectory, "Resources", $"{fileName}.xml"); + + // path of the policy in user configurations directory + string finalPolicyPath = Path.Combine(GlobalVars.UserConfigDir, $"{fileName}.xml"); + + // Copy the policy from app's directory to the staging area + File.Copy(policyPathInResourcesDir, policyPath, true); + + if (IsAudit) + { + // Add the audit mode rule option to the policy + CiRuleOptions.Set(filePath: policyPath, rulesToAdd: [CiRuleOptions.PolicyRuleOptions.EnabledAuditMode]); + } + + string policyID; + + if (PolicyIDToUse is not null) + { + SetCiPolicyInfo.Set(policyPath, new Version("1.0.0.0"), PolicyIDToUse); + policyID = PolicyIDToUse; + } + else + { + // Reset the policy ID + policyID = SetCiPolicyInfo.Set(policyPath, true, null, null, null); + } + + // Copy the policy to the user configurations directory + File.Copy(policyPath, finalPolicyPath, true); + + // If it is to be deployed + if (deploy) + { + Logger.Write($"Deploying the Strict Kernel-mode policy with the ID {policyID}"); + + string cipPath = Path.Combine(StagingArea, $"{fileName}.cip"); + + // Convert the XML to CiP + PolicyToCIPConverter.Convert(policyPath, cipPath); + + // Deploy the CiP file + CiToolHelper.UpdatePolicy(cipPath); + } + } + + [GeneratedRegex(@"(.*?)<\/VersionEx>", RegexOptions.Compiled)] private static partial Regex MyRegex(); diff --git a/AppControl Manager/MainWindow.xaml.cs b/AppControl Manager/MainWindow.xaml.cs index c58378f5f..dfeb3b0e5 100644 --- a/AppControl Manager/MainWindow.xaml.cs +++ b/AppControl Manager/MainWindow.xaml.cs @@ -111,12 +111,12 @@ internal sealed class PageTitleMap }, [typeof(Pages.Update)] = new PageTitleMap { - Titles = [GlobalVars.GetString("Update"), "Custom MSIX Path"], + Titles = [GlobalVars.GetString("Update"), "Custom MSIXBundle Path"], Pages = [typeof(Pages.Update), typeof(Pages.UpdatePageCustomMSIXPath)] }, [typeof(Pages.UpdatePageCustomMSIXPath)] = new PageTitleMap // sub-page { - Titles = [GlobalVars.GetString("Update"), "Custom MSIX Path"], + Titles = [GlobalVars.GetString("Update"), "Custom MSIXBundle Path"], Pages = [typeof(Pages.Update), typeof(Pages.UpdatePageCustomMSIXPath)] }, [typeof(Pages.Deployment)] = new PageTitleMap diff --git a/AppControl Manager/Others/GlobalVars.cs b/AppControl Manager/Others/GlobalVars.cs index 2fd87f6ad..e08fa9270 100644 --- a/AppControl Manager/Others/GlobalVars.cs +++ b/AppControl Manager/Others/GlobalVars.cs @@ -37,7 +37,7 @@ internal static string GetString(string resourceKey) internal static readonly string StagingArea = Path.Combine(UserConfigDir, "StagingArea"); // The link to the file that contains the download link for the latest version of the AppControl Manager - internal static readonly Uri AppUpdateDownloadLinkURL = new("https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/refs/heads/main/AppControl%20Manager/DownloadURL.txt"); + internal static readonly Uri AppUpdateDownloadLinkURL = new("https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/refs/heads/main/AppControl%20Manager/MSIXBundleDownloadURL.txt"); // The link to the file that contains the version number of the latest available version of the AppControl Manager internal static readonly Uri AppVersionLinkURL = new("https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/refs/heads/main/AppControl%20Manager/version.txt"); diff --git a/AppControl Manager/Others/Logger.cs b/AppControl Manager/Others/Logger.cs index 7c702b0bc..afc38da1f 100644 --- a/AppControl Manager/Others/Logger.cs +++ b/AppControl Manager/Others/Logger.cs @@ -16,9 +16,9 @@ static Logger() // Create the Logs directory if it doesn't exist, won't do anything if it exists _ = Directory.CreateDirectory(LogsDirectory); - // Check the size of the directory and clear it if it exceeds 100 MB + // Check the size of the directory and clear it if it exceeds 1000 MB // To ensure the logs directory doesn't get too big - if (GetDirectorySize(LogsDirectory) > 100 * 1024 * 1024) // 100 MB in bytes + if (GetDirectorySize(LogsDirectory) > 1000 * 1024 * 1024) // 1000 MB in bytes { // Empty the directory while retaining the most recent file EmptyDirectory(LogsDirectory); diff --git a/AppControl Manager/Pages/AllowNewApps/AllowNewApps.xaml b/AppControl Manager/Pages/AllowNewApps/AllowNewApps.xaml index 00412fba3..3f142c0df 100644 --- a/AppControl Manager/Pages/AllowNewApps/AllowNewApps.xaml +++ b/AppControl Manager/Pages/AllowNewApps/AllowNewApps.xaml @@ -14,7 +14,7 @@ diff --git a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsEventLogsDataGrid.xaml b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsEventLogsDataGrid.xaml index 7bc00a353..2beb0ed69 100644 --- a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsEventLogsDataGrid.xaml +++ b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsEventLogsDataGrid.xaml @@ -13,24 +13,11 @@ - - - - - - diff --git a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsLocalFilesDataGrid.xaml b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsLocalFilesDataGrid.xaml index 0aa71b33b..8eea4d90c 100644 --- a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsLocalFilesDataGrid.xaml +++ b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsLocalFilesDataGrid.xaml @@ -13,18 +13,6 @@ - - - - - diff --git a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsStart.xaml b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsStart.xaml index 3d71a5f9a..299352155 100644 --- a/AppControl Manager/Pages/AllowNewApps/AllowNewAppsStart.xaml +++ b/AppControl Manager/Pages/AllowNewApps/AllowNewAppsStart.xaml @@ -24,20 +24,10 @@ - - - - + diff --git a/AppControl Manager/Pages/BuildNewCertificate.xaml b/AppControl Manager/Pages/BuildNewCertificate.xaml index d50fae503..a23a55566 100644 --- a/AppControl Manager/Pages/BuildNewCertificate.xaml +++ b/AppControl Manager/Pages/BuildNewCertificate.xaml @@ -12,20 +12,6 @@ xmlns:win="http://schemas.microsoft.com/winfx/2006/xaml/presentation" mc:Ignorable="d"> - - - - 4 - - - - @@ -35,19 +21,7 @@ - - - - - - + diff --git a/AppControl Manager/Pages/ConfigurePolicyRuleOptions.xaml b/AppControl Manager/Pages/ConfigurePolicyRuleOptions.xaml index a5cc0fb47..377373176 100644 --- a/AppControl Manager/Pages/ConfigurePolicyRuleOptions.xaml +++ b/AppControl Manager/Pages/ConfigurePolicyRuleOptions.xaml @@ -11,20 +11,6 @@ xmlns:animatedvisuals="using:AnimatedVisuals" mc:Ignorable="d"> - - - - 4 - - - - @@ -33,7 +19,7 @@ - + @@ -88,8 +74,7 @@ - + @@ -116,8 +101,7 @@ Header="Policy Template" HeaderIcon="{ui:FontIcon Glyph=}"> - - + + + + + + + + + + + + diff --git a/AppControl Manager/Pages/MDEAHPolicyCreation.xaml.cs b/AppControl Manager/Pages/MDEAHPolicyCreation.xaml.cs index 8ac9ba3d2..9819c8ded 100644 --- a/AppControl Manager/Pages/MDEAHPolicyCreation.xaml.cs +++ b/AppControl Manager/Pages/MDEAHPolicyCreation.xaml.cs @@ -16,6 +16,7 @@ using Microsoft.UI.Xaml; using Microsoft.UI.Xaml.Controls; using Microsoft.UI.Xaml.Input; +using Microsoft.UI.Xaml.Media.Animation; using Microsoft.UI.Xaml.Navigation; using Windows.ApplicationModel.DataTransfer; @@ -49,6 +50,9 @@ private void OnPropertyChanged(string propertyName) #endregion + // Expose the list of queries as a public property for x:Bind + internal ObservableCollection AdvancedHuntingQueries { get; } = []; + // To store the FileIdentities displayed on the DataGrid // Binding happens on the XAML but methods related to search update the ItemSource of the DataGrid from code behind otherwise there will not be an expected result internal ObservableCollection FileIdentities { get; set; } @@ -84,6 +88,32 @@ public MDEAHPolicyCreation() // Add the DateChanged event handler FilterByDateCalendarPicker.DateChanged += FilterByDateCalendarPicker_DateChanged; + + + // Instances of MDEAdvancedHuntingQueries + AdvancedHuntingQueries.Add(new MDEAdvancedHuntingQueriesForMDEAHPolicyCreationPage + { + QueryTitle = "Default Query", + Query = """ +DeviceEvents +| where ActionType startswith "AppControlCodeIntegrity" + or ActionType startswith "AppControlCIScriptBlocked" + or ActionType startswith "AppControlCIScriptAudited" +""" + }); + + AdvancedHuntingQueries.Add(new MDEAdvancedHuntingQueriesForMDEAHPolicyCreationPage + { + QueryTitle = "Default Query with Device name filter", + Query = """ +DeviceEvents +| where (ActionType startswith "AppControlCodeIntegrity" + or ActionType startswith "AppControlCIScriptBlocked" + or ActionType startswith "AppControlCIScriptAudited") + and DeviceName == "deviceName" +""" + }); + } #region @@ -1257,4 +1287,74 @@ private void SegmentedControl_SelectionChanged(object sender, SelectionChangedEv } + + /// + /// Handles the Copy button click. + /// Copies the associated query text to the clipboard and plays an animation + /// that changes the button's text from "Copy" to "Copied" and then back. + /// + private void CopyButton_Click(object sender, RoutedEventArgs e) + { + if (sender is Button copyButton && copyButton.DataContext is MDEAdvancedHuntingQueriesForMDEAHPolicyCreationPage queryItem) + { + // Copy the query text to the clipboard. + DataPackage dataPackage = new(); + dataPackage.SetText(queryItem.Query); + Clipboard.SetContent(dataPackage); + + // Retrieve the Grid that is the button's content. + if (copyButton.Content is Grid grid) + { + // Find the two TextBlocks + TextBlock normalTextBlock = (TextBlock)grid.FindName("NormalText"); + TextBlock copiedTextBlock = (TextBlock)grid.FindName("CopiedText"); + + // Create a storyboard to hold both keyframe animations. + Storyboard sb = new(); + + // Create a keyframe animation for the "NormalText" (Copy) + // Timeline: + // 0ms: Opacity = 1 + // 200ms: fade out to 0 + // 1200ms: remain at 0 + // 1400ms: fade back in to 1 + DoubleAnimationUsingKeyFrames normalAnimation = new(); + normalAnimation.KeyFrames.Add(new DiscreteDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(0), Value = 1 }); + normalAnimation.KeyFrames.Add(new LinearDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(200), Value = 0 }); + normalAnimation.KeyFrames.Add(new DiscreteDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(1200), Value = 0 }); + normalAnimation.KeyFrames.Add(new LinearDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(1400), Value = 1 }); + Storyboard.SetTarget(normalAnimation, normalTextBlock); + Storyboard.SetTargetProperty(normalAnimation, "Opacity"); + + // Create a keyframe animation for the "CopiedText" (Copied) + // Timeline: + // 0ms: Opacity = 0 + // 200ms: fade in to 1 + // 1200ms: remain at 1 + // 1400ms: fade out to 0 + DoubleAnimationUsingKeyFrames copiedAnimation = new(); + copiedAnimation.KeyFrames.Add(new DiscreteDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(0), Value = 0 }); + copiedAnimation.KeyFrames.Add(new LinearDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(200), Value = 1 }); + copiedAnimation.KeyFrames.Add(new DiscreteDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(1200), Value = 1 }); + copiedAnimation.KeyFrames.Add(new LinearDoubleKeyFrame { KeyTime = TimeSpan.FromMilliseconds(1400), Value = 0 }); + Storyboard.SetTarget(copiedAnimation, copiedTextBlock); + Storyboard.SetTargetProperty(copiedAnimation, "Opacity"); + + // Add animations to the storyboard. + sb.Children.Add(normalAnimation); + sb.Children.Add(copiedAnimation); + + // Start the storyboard. + sb.Begin(); + + } + } + } +} + + +internal sealed class MDEAdvancedHuntingQueriesForMDEAHPolicyCreationPage +{ + internal string? QueryTitle { get; set; } + internal string? Query { get; set; } } diff --git a/AppControl Manager/Pages/MergePolicies.xaml b/AppControl Manager/Pages/MergePolicies.xaml index 3fd184c0f..199a4fe62 100644 --- a/AppControl Manager/Pages/MergePolicies.xaml +++ b/AppControl Manager/Pages/MergePolicies.xaml @@ -11,22 +11,6 @@ xmlns:controls="using:CommunityToolkit.WinUI.Controls" mc:Ignorable="d"> - - - - - 4 - - - - - @@ -35,7 +19,6 @@ - @@ -51,8 +34,6 @@ - - @@ -91,7 +72,6 @@ - diff --git a/AppControl Manager/Pages/Settings.xaml b/AppControl Manager/Pages/Settings.xaml index ff6e7a285..e1873e09c 100644 --- a/AppControl Manager/Pages/Settings.xaml +++ b/AppControl Manager/Pages/Settings.xaml @@ -11,20 +11,6 @@ xmlns:controls="using:CommunityToolkit.WinUI.Controls" mc:Ignorable="d"> - - - - 4 - - - - @@ -184,7 +170,6 @@ - @@ -192,7 +177,6 @@ - diff --git a/AppControl Manager/Pages/Simulation.xaml b/AppControl Manager/Pages/Simulation.xaml index a9d9c220c..abb3fcf86 100644 --- a/AppControl Manager/Pages/Simulation.xaml +++ b/AppControl Manager/Pages/Simulation.xaml @@ -20,18 +20,6 @@ - - - - - diff --git a/AppControl Manager/Pages/StrictKernelPolicyScanResults.xaml b/AppControl Manager/Pages/StrictKernelPolicyScanResults.xaml index 26e393829..5fd4bcdc8 100644 --- a/AppControl Manager/Pages/StrictKernelPolicyScanResults.xaml +++ b/AppControl Manager/Pages/StrictKernelPolicyScanResults.xaml @@ -13,18 +13,6 @@ - - - - - diff --git a/AppControl Manager/Pages/SystemInformation/CodeIntegrityInfo.xaml b/AppControl Manager/Pages/SystemInformation/CodeIntegrityInfo.xaml index b38994a98..b05e80aed 100644 --- a/AppControl Manager/Pages/SystemInformation/CodeIntegrityInfo.xaml +++ b/AppControl Manager/Pages/SystemInformation/CodeIntegrityInfo.xaml @@ -68,7 +68,6 @@ X2="500" Y2="0" StrokeThickness="2" Grid.Row="2" Margin="0,10,0,10"/> - diff --git a/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml b/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml index 492704c88..1d3751bc5 100644 --- a/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml +++ b/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml @@ -20,17 +20,6 @@ - - - - @@ -99,6 +88,14 @@ + + Default Windows + Allow Microsoft + Signed and Reputable + Strict Kernel-Mode + Strict Kernel-Mode (No Flight Roots) + + diff --git a/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml.cs b/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml.cs index 2d944ce91..da28a87b8 100644 --- a/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml.cs +++ b/AppControl Manager/Pages/SystemInformation/ViewCurrentPolicies.xaml.cs @@ -14,6 +14,7 @@ using Microsoft.UI.Xaml; using Microsoft.UI.Xaml.Controls; using Microsoft.UI.Xaml.Controls.Primitives; +using Microsoft.UI.Xaml.Documents; using Microsoft.UI.Xaml.Media; using Microsoft.UI.Xaml.Navigation; using Windows.ApplicationModel.DataTransfer; @@ -202,6 +203,9 @@ private void DeployedPolicies_SelectionChanged(object sender, SelectionChangedEv // Disable the button if no proper policy is selected RemovePolicyButton.IsEnabled = false; } + + // Enable the Swap Policy ComboBox only when the selected policy is a base type, unsigned and non-system + SwapPolicyComboBox.IsEnabled = string.Equals(selectedPolicy.BasePolicyID, selectedPolicy.PolicyID, StringComparison.OrdinalIgnoreCase) && !selectedPolicy.IsSignedPolicy && !selectedPolicy.IsSystemPolicy; } @@ -729,4 +733,179 @@ private static bool VerifyRemovalEligibility(string policyID) } + /// + /// Event handler for when the Swap Policy ComboBox's selection changes + /// + /// + /// + private async void SwapPolicyComboBox_SelectionChanged(object sender, SelectionChangedEventArgs e) + { + if (selectedPolicy is null) + { + return; + } + + bool reEnableButtonAtTheEnd = true; + + try + { + SwapPolicyComboBox.IsEnabled = false; + RemovePolicyButton.IsEnabled = false; + RetrievePoliciesButton.IsEnabled = false; + SearchBox.IsEnabled = false; + DeployedPolicies.IsEnabled = false; + + string policyID = selectedPolicy.PolicyID!.ToString(); + + TextBlock formattedTextBlock = new() + { + TextWrapping = TextWrapping.WrapWholeWords, + IsTextSelectionEnabled = true + }; + + SolidColorBrush violetBrush = new(Colors.Violet); + SolidColorBrush hotPinkBrush = new(Colors.HotPink); + + // Create normal text runs + Run normalText1 = new() { Text = "The selected policy with the name " }; + Run normalText2 = new() { Text = " and ID " }; + Run normalText3 = new() { Text = " will be changed to the type " }; + Run normalText4 = new() { Text = "It will be re-deployed on the system with the same Policy ID and Base Policy ID. If it's currently in Audit Mode, it will be in Enforced Mode after this operation is completed." }; + + // Create colored runs + Run accentPolicyName = new() { Text = selectedPolicy.FriendlyName, Foreground = violetBrush }; + Run accentPolicyID = new() { Text = policyID, Foreground = violetBrush }; + Run accentPolicyType = new() { Text = ((ComboBoxItem)SwapPolicyComboBox.SelectedItem).Content.ToString(), Foreground = hotPinkBrush }; + + // Create bold text run + Bold boldText = new(); + boldText.Inlines.Add(new Run() { Text = "Any existing Supplemental policy will continue to work." }); + + // Add runs to the TextBlock + formattedTextBlock.Inlines.Add(normalText1); + formattedTextBlock.Inlines.Add(accentPolicyName); + formattedTextBlock.Inlines.Add(normalText2); + formattedTextBlock.Inlines.Add(accentPolicyID); + formattedTextBlock.Inlines.Add(normalText3); + formattedTextBlock.Inlines.Add(accentPolicyType); + formattedTextBlock.Inlines.Add(new LineBreak()); + formattedTextBlock.Inlines.Add(new LineBreak()); + formattedTextBlock.Inlines.Add(normalText4); + formattedTextBlock.Inlines.Add(new LineBreak()); + formattedTextBlock.Inlines.Add(new LineBreak()); + formattedTextBlock.Inlines.Add(boldText); + + // Create and display a ContentDialog with styled TextBlock + ContentDialog dialog = new() + { + Title = "Swapping Policy", + Content = formattedTextBlock, + PrimaryButtonText = "OK", + BorderBrush = Application.Current.Resources["AccentFillColorDefaultBrush"] as Brush ?? new SolidColorBrush(Colors.Transparent), + BorderThickness = new Thickness(1), + CloseButtonText = "Cancel", + XamlRoot = this.XamlRoot // Set XamlRoot to the current page's XamlRoot + }; + + // Show the dialog and wait for user response + ContentDialogResult result = await dialog.ShowAsync(); + + // If the user did not select "OK", return from the method + if (result is not ContentDialogResult.Primary) + { + reEnableButtonAtTheEnd = false; + return; + } + + int selectedIndex = SwapPolicyComboBox.SelectedIndex; + + await Task.Run(() => + { + + string stagingArea = StagingArea.NewStagingArea("PolicySwapping").FullName; + + switch (selectedIndex) + { + case 0: // Default Windows + { + BasePolicyCreator.BuildDefaultWindows(stagingArea, + false, + null, + true, + false, + false, + false, + false, + policyID + ); + + break; + } + case 1: // Allow Microsoft + { + BasePolicyCreator.BuildAllowMSFT(stagingArea, + false, + null, + true, + false, + false, + false, + false, + policyID + ); + + break; + } + case 2: // Signed and Reputable + { + BasePolicyCreator.BuildSignedAndReputable(stagingArea, + false, + null, + true, + false, + false, + false, + false, + policyID + ); + + break; + } + case 3: // Strict Kernel-Mode + { + BasePolicyCreator.BuildStrictKernelMode(stagingArea, false, false, true, policyID); + + break; + } + case 4: // Strict Kernel-Mode(No Flight Roots) + { + BasePolicyCreator.BuildStrictKernelMode(stagingArea, false, true, true, policyID); + + break; + } + default: + { + break; + } + } + }); + } + finally + { + // Refresh the DataGrid's policies and their count + RetrievePolicies(); + + if (reEnableButtonAtTheEnd) + { + SwapPolicyComboBox.IsEnabled = true; + } + + RemovePolicyButton.IsEnabled = true; + RetrievePoliciesButton.IsEnabled = true; + SearchBox.IsEnabled = true; + DeployedPolicies.IsEnabled = true; + } + + } + } diff --git a/AppControl Manager/Pages/Update.xaml b/AppControl Manager/Pages/Update.xaml index c7c37bbe7..af9535b2a 100644 --- a/AppControl Manager/Pages/Update.xaml +++ b/AppControl Manager/Pages/Update.xaml @@ -11,20 +11,6 @@ xmlns:win="http://schemas.microsoft.com/winfx/2006/xaml/presentation" mc:Ignorable="d"> - - - - 4 - - - - diff --git a/AppControl Manager/Pages/Update.xaml.cs b/AppControl Manager/Pages/Update.xaml.cs index 7058a1f60..a972ba89e 100644 --- a/AppControl Manager/Pages/Update.xaml.cs +++ b/AppControl Manager/Pages/Update.xaml.cs @@ -6,8 +6,8 @@ using System.Net.Http; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; -using System.Text; using System.Text.RegularExpressions; +using System.Threading; using System.Threading.Tasks; using AppControlManager.AppSettings; using AppControlManager.Main; @@ -15,6 +15,8 @@ using Microsoft.UI.Xaml; using Microsoft.UI.Xaml.Controls; using Microsoft.UI.Xaml.Navigation; +using Windows.ApplicationModel; +using Windows.Foundation; using Windows.Management.Deployment; #pragma warning disable IDE0063 // Do not simplify using statements, keep them scoped for proper disposal otherwise files will be in use until the method is exited @@ -23,32 +25,22 @@ namespace AppControlManager.Pages; public sealed partial class Update : Page { - // Pattern for AppControl Manager version and architecture extraction from file path and download link URL - [GeneratedRegex(@"_(?\d+\.\d+\.\d+\.\d+)_(?x64|arm64)\.msix$", RegexOptions.IgnoreCase | RegexOptions.Compiled)] - private static partial Regex MyRegex(); - // Pattern for finding ASR rules that belong to the AppControl Manager [GeneratedRegex("__sadt7br7jpt02", RegexOptions.IgnoreCase | RegexOptions.Compiled)] private static partial Regex MyRegex1(); - // Common name of the on-device generated certificate used to sign the AppControl Manager MSIX package + // Common name of the on-device generated certificate used to sign the AppControl Manager MSIXBundle package private const string commonName = "SelfSignedCertForAppControlManager"; - // Create a Regex object - internal readonly Regex regex = MyRegex(); - // Track whether hardened update procedure must be used private bool useHardenedUpdateProcedure; - // To determine whether to use the user-supplied MSIX path or continue with downloading the MSIX from GitHub + // To determine whether to use the user-supplied MSIXBundle path or continue with downloading the MSIXBundle from GitHub // It's changed by the UI toggle - internal bool useCustomMSIXPath; - - // The custom MSIX path that the user supplied - internal string? customMSIXPath; + internal bool useCustomMSIXBundlePath; - // Could be a URL or file path, will be used by Regex to detect version and architecture - private string? sourceForRegex; + // The custom MSIXBundle path that the user supplied + internal string? customMSIXBundlePath; // A static instance of the Update class which will hold the single, shared instance of it private static Update? _instance; @@ -84,22 +76,22 @@ private async void CheckForUpdateButton_Click(object sender, RoutedEventArgs e) // variable to store the update results UpdateCheckResponse? updateCheckResult = null; - // If user did not provide custom MSIX path, start checking for update - if (!useCustomMSIXPath) + // If user did not provide custom MSIXBundle path, start checking for update + if (!useCustomMSIXBundlePath) { UpdateStatusInfoBar.Message = "Checking for update"; // Check for update asynchronously using the AppUpdate class's singleton instance updateCheckResult = await Task.Run(AppUpdate.Instance.Check); } - // If a new version is available or user supplied a custom MSIX path to be installed - if ((updateCheckResult is { IsNewVersionAvailable: true }) || useCustomMSIXPath) + // If a new version is available or user supplied a custom MSIXBundle path to be installed + if ((updateCheckResult is { IsNewVersionAvailable: true }) || useCustomMSIXBundlePath) { string msg1; - if (useCustomMSIXPath) + if (useCustomMSIXBundlePath) { - msg1 = $"Installing the MSIX path that you selected: {customMSIXPath}"; + msg1 = $"Installing the MSIXBundle path that you selected: {customMSIXBundlePath}"; } else { @@ -113,17 +105,17 @@ private async void CheckForUpdateButton_Click(object sender, RoutedEventArgs e) string stagingArea = StagingArea.NewStagingArea("AppUpdate").ToString(); - // To store the latest MSIX version download link after retrieving it from GitHub text file + // To store the latest MSIXBundle version download link after retrieving it from GitHub text file Uri onlineDownloadURL; - // Location of the MSIX package where it will be saved after download it from GitHub + // Location of the MSIXBundle package where it will be saved after downloading it from GitHub // Or in case user supplied a custom path, it will be assigned to this string AppControlManagerSavePath; DownloadProgressRingForMSIXFile.Visibility = Visibility.Visible; - // If user did not supply a custom MSIX file path - if (!useCustomMSIXPath) + // If user did not supply a custom MSIXBundle file path + if (!useCustomMSIXBundlePath) { using (HttpClient client = new SecHttpClient()) @@ -132,12 +124,9 @@ private async void CheckForUpdateButton_Click(object sender, RoutedEventArgs e) onlineDownloadURL = new Uri(await client.GetStringAsync(GlobalVars.AppUpdateDownloadLinkURL)); } - // The Uri will be used to detect the version and architecture of the MSIX package being installed - sourceForRegex = onlineDownloadURL.ToString(); + AppControlManagerSavePath = Path.Combine(stagingArea, "AppControlManager.msixbundle"); - AppControlManagerSavePath = Path.Combine(stagingArea, "AppControlManager.msix"); - - UpdateStatusInfoBar.Message = "Downloading the AppControl Manager MSIX package..."; + UpdateStatusInfoBar.Message = "Downloading the AppControl Manager MSIXBundle package..."; using (HttpClient client = new SecHttpClient()) @@ -202,17 +191,13 @@ private async void CheckForUpdateButton_Click(object sender, RoutedEventArgs e) } - Logger.Write($"The AppControl Manager MSIX package has been successfully downloaded to {AppControlManagerSavePath}"); - + Logger.Write($"The AppControl Manager MSIXBundle package has been successfully downloaded to {AppControlManagerSavePath}"); } else { - // Use the user-supplied MSIX file path to detect the version and architecture - sourceForRegex = customMSIXPath ?? throw new InvalidOperationException("No MSIX path was selected"); - - // Use the user-supplied MSIX file path for installation source - AppControlManagerSavePath = customMSIXPath; + // Use the user-supplied MSIXBundle file path for installation source + AppControlManagerSavePath = customMSIXBundlePath ?? throw new InvalidOperationException("No MSIXBundle path was selected"); } DownloadProgressRingForMSIXFile.IsIndeterminate = true; @@ -224,7 +209,6 @@ private async void CheckForUpdateButton_Click(object sender, RoutedEventArgs e) UpdateStatusInfoBar.Message = "All Downloads finished, installing the new AppControl Manager version"; - // Run the update check in a separate thread and asynchronously wait for its completion await Task.Run(() => { // Random password to temporarily encrypt the private key of the newly generated certificate @@ -233,7 +217,7 @@ await Task.Run(() => // Path where the .cer file will be saved string CertificateOutputPath = Path.Combine(stagingArea, $"{commonName}.cer"); - // Remove any certificates with the specified common name that may already exist on the system form previos attempts + // Remove any certificates with the specified common name that may already exist on the system form previous attempts CertificateGenerator.DeleteCertificateByCN(commonName); // Generate a new certificate @@ -248,23 +232,7 @@ await Task.Run(() => UserProtectedPrivateKey: useHardenedUpdateProcedure, ExportablePrivateKey: false); - // Get the version and architecture of the installing MSIX package app - Match RegexMatch = regex.Match(sourceForRegex); - - string InstallingAppVersion; - string InstallingAppArchitecture; - - if (RegexMatch.Success) - { - InstallingAppVersion = RegexMatch.Groups["Version"].Value; - InstallingAppArchitecture = RegexMatch.Groups["Architecture"].Value; - } - else - { - throw new InvalidOperationException("Could not get the version of the installing app"); - } - - // Signing the App Control Manager MSIX package + // Signing the App Control Manager package // In this step the SignTool detects the cert to use based on Common name + ThumbPrint + Hash Algo + Store Type + Store Name ProcessStarter.RunCommand(signToolPath, $"sign /debug /n \"{commonName}\" /fd Sha512 /sm /s Root /sha1 {generatedCert.Thumbprint} \"{AppControlManagerSavePath}\""); @@ -315,6 +283,61 @@ await Task.Run(() => _ = managementClass.InvokeMethod("Remove", inParams, null); } } + } + catch (Exception ex) + { + Logger.Write($"An error occurred while trying to remove the ASR rule exclusions which you can safely ignore: {ex.Message}"); + } + + + PackageManager packageManager = new(); + + Logger.Write("Installing the AppControl Manager MSIXBundle package"); + + // https://learn.microsoft.com/en-us/uwp/api/windows.management.deployment.addpackageoptions + AddPackageOptions options = new() + { + DeferRegistrationWhenPackagesAreInUse = true, + ForceUpdateFromAnyVersion = true + }; + + IAsyncOperationWithProgress deploymentOperation = packageManager.AddPackageByUriAsync(new Uri(AppControlManagerSavePath), options); + + // This event is signaled when the operation completes + ManualResetEvent opCompletedEvent = new(false); + + // Define the delegate using a statement lambda + deploymentOperation.Completed = (depProgress, status) => { _ = opCompletedEvent.Set(); }; + + // Wait until the operation completes + _ = opCompletedEvent.WaitOne(); + + // Check the status of the operation + if (deploymentOperation.Status == AsyncStatus.Error) + { + DeploymentResult deploymentResult = deploymentOperation.GetResults(); + throw new InvalidOperationException($"Error installing The AppControl Manager. Error code: {deploymentOperation.ErrorCode} - Error text: {deploymentResult.ErrorText}"); + } + else if (deploymentOperation.Status == AsyncStatus.Canceled) + { + Logger.Write("The AppControl Manager Installation canceled"); + } + else if (deploymentOperation.Status == AsyncStatus.Completed) + { + Logger.Write("The AppControl Manager Installation succeeded"); + } + else + { + throw new InvalidOperationException("There was an unknown problem installing the AppControl Manager"); + } + + + try + { + + Package AppControlManagerPackage = packageManager.FindPackages("AppControlManager_sadt7br7jpt02").First(); + + string AppControlInstallFolder = AppControlManagerPackage.EffectivePath; // Connect to the WMI namespace again ManagementScope scope = new(@"\\.\ROOT\Microsoft\Windows\Defender"); @@ -324,16 +347,8 @@ await Task.Run(() => using ManagementClass mpPreferenceClass = new(scope, new ManagementPath("MSFT_MpPreference"), null); // Construct the paths to the .exe and .dll files of the AppControl Manager - StringBuilder InstallingAppLocationToAdd = new(); - _ = InstallingAppLocationToAdd.Append("C:\\Program Files\\WindowsApps\\AppControlManager_"); - _ = InstallingAppLocationToAdd.Append(InstallingAppVersion); - _ = InstallingAppLocationToAdd.Append('_'); - _ = InstallingAppLocationToAdd.Append(InstallingAppArchitecture); - _ = InstallingAppLocationToAdd.Append("__sadt7br7jpt02\\"); - - string path1 = Path.Combine(InstallingAppLocationToAdd.ToString(), "AppControlManager.exe"); - string path2 = Path.Combine(InstallingAppLocationToAdd.ToString(), "AppControlManager.dll"); - + string path1 = Path.Combine(AppControlInstallFolder, "AppControlManager.exe"); + string path2 = Path.Combine(AppControlInstallFolder, "AppControlManager.dll"); // Get the available methods for the class ManagementBaseObject methodParams = mpPreferenceClass.GetMethodParameters("Add"); @@ -344,25 +359,11 @@ await Task.Run(() => // Invoke the Add method to add the paths to the ASR rules exclusions _ = mpPreferenceClass.InvokeMethod("Add", methodParams, null); } - catch (Exception ex) { - Logger.Write($"An error occurred while trying to add the ASR rule exclusions which you can ignore: {ex.Message}"); - } - - - PackageManager packageManager = new(); - - Logger.Write($"Installing AppControl Manager MSIX package version '{InstallingAppVersion}' with architecture '{InstallingAppArchitecture}'"); - - // https://learn.microsoft.com/en-us/uwp/api/windows.management.deployment.addpackageoptions - AddPackageOptions options = new() - { - DeferRegistrationWhenPackagesAreInUse = true, - ForceUpdateFromAnyVersion = true - }; + Logger.Write($"An error occurred while trying to add the ASR rule exclusions which you can safely ignore: {ex.Message}"); - _ = packageManager.AddPackageByUriAsync(new Uri(AppControlManagerSavePath), options); + } }); diff --git a/AppControl Manager/Pages/UpdatePageCustomMSIXPath.xaml b/AppControl Manager/Pages/UpdatePageCustomMSIXPath.xaml index bfc3aa5ad..66f7db289 100644 --- a/AppControl Manager/Pages/UpdatePageCustomMSIXPath.xaml +++ b/AppControl Manager/Pages/UpdatePageCustomMSIXPath.xaml @@ -10,21 +10,7 @@ xmlns:controls="using:CommunityToolkit.WinUI.Controls" xmlns:win="http://schemas.microsoft.com/winfx/2006/xaml/presentation" mc:Ignorable="d"> - - - - - 4 - - - - + @@ -41,18 +27,18 @@ -