Microsoft Corporation
Binary authorization based on both file and package attributes

Abstract:

Examples described herein generally relate to a computer device including a memory, and at least one processor configured to determine whether to allow execution of an application file on the computer device. The processor receives a command to execute a file. The processor determines whether the file is associated with a package reputation of an installation package. The processor determines a file reputation of the file. The processor determines whether to allow execution of the file based on a combination of the file reputation of the file and whether the file is associated with the good package reputation.