Please see the scenario below. It is what our security IT department wants accomplished. I am the Sys Admin. What approach should I take to accomplish this? Do I go GPO? If I do, can an expert detail the steps (step-by-step)?
Infosec has identified a possible solution for preventing the majority of malware attacks on our network.
These malware executables fire off from the user's temp folder. Denying the execution of files in that file directory will greatly increase the security of the network.
Please create and deploy a policy that prevents executables from running in the following directory of ALL users:
An example of malware found in this directory is listed below for reference:
C:\Users\dxf\AppData\Local\Temp\Low\radDABCE.tmp.exe (Trojan.MSIL.ED) -> Quarantined and deleted successfully.
Please ensure that masked executables (malware.tmp.exe) are blocked, as malware will often have other file type endings in their name in order to bypass policies that prevent the execution of .exe files.
If there are any questions please contact Infosec (CAH, AJM or EJL).
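
One way to express the requested restriction as an AppLocker path rule and check it before it goes into a GPO. This is an added example, not part of the original post; the rule names, file names, and the Temp path pattern (generalized from the sample path in the request, since the request's directory is not shown) are assumptions.

```powershell
# Added example: AppLocker Exe rules in audit mode. Names and paths are assumptions.
$policyFile = Join-Path $env:TEMP 'deny-temp-exe.xml'
$allowId = [guid]::NewGuid()
$denyId  = [guid]::NewGuid()

# An Exe collection holding only a Deny rule would block every other executable
# as well, so the Deny is paired with an allow-all rule. Deny wins where both match.
# S-1-1-0 is the Everyone group. The Exe collection covers .exe and .com files,
# so a masked name such as malware.tmp.exe still falls under the rule.
@"
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="AuditOnly">
    <FilePathRule Id="$allowId" Name="Allow all executables" Description="" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="*" /></Conditions>
    </FilePathRule>
    <FilePathRule Id="$denyId" Name="Deny executables under user Temp" Description="" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="%OSDRIVE%\Users\*\AppData\Local\Temp\*" /></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
"@ | Set-Content -Path $policyFile -Encoding UTF8

# Constructed test file: a harmless copy of whoami.exe under a masked name.
# Assumes the current user's TEMP is the default C:\Users\<name>\AppData\Local\Temp.
$sample = Join-Path $env:TEMP 'sample.tmp.exe'
Copy-Item "$env:WINDIR\System32\whoami.exe" $sample -Force

# Evaluate the policy file against both paths without applying it anywhere.
Test-AppLockerPolicy -XmlPolicy $policyFile -User Everyone `
    -Path $sample, "$env:WINDIR\System32\whoami.exe" |
    Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize

Remove-Item $sample

# Import into a GPO once the decisions look right (placeholder, fill in your own GPO):
# Set-AppLockerPolicy -XmlPolicy $policyFile -Ldap 'LDAP://<distinguished name of the GPO>'
```

AppLocker rules are only evaluated on clients where the Application Identity service is running. Leave `EnforcementMode` at `AuditOnly` until the AppLocker event log shows which legitimate installers and updaters also run from Temp, then change it to `Enabled`.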