Currently by using Application Control, we can restrict usage of an application based on its name or location. But there should be a feasibility to block an application based on its version. This could give more control over Application Control feature to selectively block the usage of vulnerable versions of an application. Please let me know if we already have this feature in place or else please consider this option for future feature request!
Hello, JohnNoah,
We appreciate your reaching out to the Sophos Community Forum.
Application Control in Sophos Endpoint Protection enables you to allow or block applications based on their name or installation path, using predefined signatures. However, it currently does not support blocking based on specific version numbers.
This means if you block an application, all versions matching the signature will be blocked, not just older or vulnerable ones. Selective blocking by version isn't available at this time.
We recognize that version-based blocking would provide more granular control for administrators, especially when addressing security and compliance concerns related to known vulnerabilities in legacy software.
I will ensure your feedback is shared with our product management team as a feature request for future consideration. Additionally, I recommend contacting your Sophos account manager or partner to formally submit this request, as this helps us track and prioritize enhancements more effectively.
Let me know if you need any further help.
Regards,
Quote