Top Nav

Configure Windows 7 to Run Only Specific Programs

If you’re a network administrator for a small business or even your household, you can restrict which programs users are able to run in Windows 7. This method also works in Windows 8 Developer Preview.

Note: This process uses Local Group Policy Editor which is not available in Home editions of Windows 7. Also, you’ll need Administrator rights to set it up.

As a network administrator you can create a “white list’ of only specific programs users are able to run.

First, click Start and type: gpedit.msc into the Search box and hit Enter.

gpedit

To access Local Group Policy Editor in Windows 8, at the main Metro screen just begin to type: gpedit.msc. Then tap or click the gpedit icon that displays under Apps on the left.

Local Group Policy Editor opens. Navigate to User Configuration >> Administrative Templates >> System. Then double click on Run Only Specified Windows Applications.

local gpe

Select Enabled then under Options click the Show button.

list show

Type in the list of programs you want the user to be able to run, then click OK. Then save your settings.

allowed

When a user accesses programs on the Allowed List, they work just fine.

allowed programs

However, when the user tries to access a program not on the Allowed List, they’ll see the following error message.

error message

Then you’ll be able to make the decision if the user can use the program or not. This is handy if you’re setting up a kiosk or a public computer too.

More Reading:

, ,

2 Responses to Configure Windows 7 to Run Only Specific Programs

  1. Ted February 13, 2012 at 8:37 am #

    If I use this process, will is stop malware or any other types of bugs?

  2. Hallsie February 13, 2012 at 12:06 pm #

    Here’s an interesting thing. this will cause hell from spyware/malware and in the end since I didn’t see a “path” on the “allow list” then you could in theory just rename any .exe “firefox.exe” and it will run.

Leave a Reply