11-18-2025 06:37 AM
Hi,
We want to enforce the use of only the approved version of AnyDesk (9.6.5.0 and above) on all Windows endpoints and completely prevent execution of any older versions of anydesk.exe.
Is there a clean and maintainable way to achieve this using Cortex XDR Prevention/Restriction Profiles?
From what I’ve seen, the straightforward way is:
- Block anydesk.exe by path/name
- Create hash-based exceptions only for the approved version(s)
every old version has a different hash, so we would need to collect and maintain a long block-list of hashes for all previous versions (which is not practical).
1. Can we restrict execution based on the software version instead of the hash?
2. Is there a way to “allow only versions ≥ 9.6.5.0” or “allow only this specific version” without blocking every single old hash manually?
Thanks
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
