ThreatLocker Update February 18th 2019

ThreatLocker is pleased to announce the following updates. Updates will be automatically downloaded and will apply next time you restart your computer.

New Features

ThreatLocker Driver Status is now displayed on the Computer Page

In some cases the driver installation may be blocked by other security software, or by the operating system if the latest root CA is not downloaded. If the ThreatLocker Driver is not running, it will be displayed on the computers page on the Driver Status column.

Auto Populate Applications in Storage Policies

The ability to restrict access to storage devices is an important part of protecting business data from malware or ransomware. Up until now, you could add a list of applications that need access to your storage device in a storage policy. We have added the ability to auto populate this list from your storage audit for the previous week. To auto populate this list, simple create a storage policy for the network share, select “Only permit the following applications”, and select the “Auto Populate” button. You can then remove any applications that you do not wish to permit.


  • Improved automatic recovery of the core definitions in the event of corruption to the downloaded database.

The following fixes have been applied.

  • Fixed issue that causes storage policies to be logged in the audit, even if the policy is configured not to record an entry in the audit.

  • Fixed issue where a lack of policies triggers policies to re-download over and over.

How to get the latest update

Updates will automatically be deployed when a computer is restarted. If you do not wish to restart your computer you can run the follow script to download the update immediately.

Note: Make sure your download the latest MSI for future deployments.

net stop threatlockerdriver

net start threatlockerdriver

net stop threatlockerservice

net start threatlockerservice