-
Bug
-
Resolution: Unresolved
-
P4
-
jfx17
-
x86_64
-
windows
A DESCRIPTION OF THE PROBLEM :
JavaFX extracts unsigned DLL files into a user writeable location and tries to load them:
C:\Users\username\.openjfx\cache\17.0.2-ea
This is a common behavior of malware and will be blocked by AppLocker DLL rules. As the DLLs are not signed there is no proper way to allow these to run.
The proper way would be to install these files into %ProgramFiles% folder (maybe in JRE/bin) then it will work out of the box a properly hardened systems.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Try to run a software which makes use of JavaFX when Microsoft AppLocker with DLL rules is configured.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Software works
ACTUAL -
JavaFX fails to load
CUSTOMER SUBMITTED WORKAROUND :
Maybe you can copy the files from the cache folder into the bin folder of the application and set javafx.cachedir but the NativeLibLoader still might try to write to this folder in case the files are outdated.
FREQUENCY : always
JavaFX extracts unsigned DLL files into a user writeable location and tries to load them:
C:\Users\username\.openjfx\cache\17.0.2-ea
This is a common behavior of malware and will be blocked by AppLocker DLL rules. As the DLLs are not signed there is no proper way to allow these to run.
The proper way would be to install these files into %ProgramFiles% folder (maybe in JRE/bin) then it will work out of the box a properly hardened systems.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Try to run a software which makes use of JavaFX when Microsoft AppLocker with DLL rules is configured.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Software works
ACTUAL -
JavaFX fails to load
CUSTOMER SUBMITTED WORKAROUND :
Maybe you can copy the files from the cache folder into the bin folder of the application and set javafx.cachedir but the NativeLibLoader still might try to write to this folder in case the files are outdated.
FREQUENCY : always
- relates to
-
-
- Open
-
-
-
- Resolved
-