I'm having some trouble setting up a GPO white-list (mainly to block CryptoLocker), mostly because of Google Chrome. I have allowed everything in Windows, Program Files and lnk files.
But when opening a downloaded office document in Chrome (xlsx,doc etc), i get blocked by the GPO white list. This happens only if the document is opened from the Chrome download list.
The documents open successfully from the Downloads folder within Explorer. I find this odd, because the GPO only blocks executable files, not office related items.
I tried to look around with ProcessMon, in hopes of seeing what is Chrome trying to do with Office 2013, but with no luck, haven't seen anything yet. I do suspect it's trying to load something up from %APPDATA% .
I have allowed everything in Users\Username\AppData\Local\Google to run, even though I am using a MSI installer and everything should be running from ProgramFiles.
Anyone else been through this ? I'm a little confused here :)
Thank you!