When running the Applications Launch Control task, Kaspersky Embedded Systems Security monitors user's attempts to start applications and allows or denies start of these applications. The Applications Launch Control task relies on the Default Deny principle, which means that any applications that are not allowed in the task settings will be blocked automatically.
You can allow launching applications by creating Applications Launch Control allow rules for them.
All attempts to start applications are recorded in the task log.
The Applications Launch Control task can operate in one of two modes:
Running applications that are not covered by Applications Launch Control rules is prohibited.
The Applications Launch Control task cannot be started in Active mode if no Applications Launch Control rules have been created or if more than 65,535 Applications Launch Control rules exist for one protected device.
When creating Applications Launch Control rules, we recommend making sure that they do not block your operating system's applications from running.
Kaspersky Embedded Systems Security also intercepts processes launched under the Windows Subsystem for Linux (except for scripts run from the UNIX™ shell, or command line interpreters). For such processes, the Applications Launch Control task applies the action defined by the current configuration. The Rule Generator for Applications Launch Control task detects application launches and generates corresponding rules for applications running under the Windows Subsystem for Linux.