L I M I T A T I O N S A N D W A R N I N G S
113
Using program interfaces of the operating system (DNS)
Creating service
Opening service for read
Opening service for write
Modifying service configuration
Managing service
Starting service
Deleting service
Saving registry keys to file
Access to audio stream
Changing system modules (KnownDlls)
The following actions by Application Control are limited:
Starting driver: loading of drivers is not blocked; only a notification about a driver that has been loaded may
be shown.
Pausing other processes and threads: only threads with suspend rights are intercepted under Microsoft
Windows 10 (x86); opening of the process is additionally controlled under Microsoft Windows (x64).
Code intrusions: only threads with inject rights are intercepted under Microsoft Windows 10 (x86); opening
of the process is additionally controlled under Microsoft Windows 10 (x64).
Duplicate internal process handle: copying of handles is controlled for processes and threads only.
Stopping other processes: controlled only at the level of opening of process handles and threads with
terminate rights.
Exiting Microsoft Windows 10: only shutdown.exe launch is controlled other mechanisms of exiting the
operating system are not controlled.
Kaspersky Internet Security limitations under Microsoft Windows 10 with the Device Guard mode
enabled:
Enabling of the Network Attack Blocker component in the application interface is not available.
Operation of the following functionality is also partly limited:
Rootkit search and disinfection (postponed disinfection of files after computer restart; detection of malware that
creates autorun keys in the registry).
Heuristic Analysis (emulation of the startup of suspicious applications).
2006-2020 Rsmanuals.com