For quite some time we have supported Windows Installer packages, empowering standard users to run MSI's, MSU's and MSP's that would require administrator privileges to complete. This functionality is fundamental in most least privilege deployments, where power users are delegated the privilege of choosing their own productivity tools.
The Drive Rule is a new validation rule that lets you match applications being executed from particular types of drive. Not too dissimilar in concept to the file path rule (where applications are matched based on their directory location), the drive rule lets you target the drive itself.
Services play an integral part of endpoint functionality - they are components of many desktop products, and almost all server implementations. On desktops, services run in the background across multiple user sessions, most commonly for products such as antivirus, firewalls and other security products. On servers, many roles function as services because of the performance and high availability requirements of applications in the datacenter.
Packed with unique and innovative features, version 3.8 really does set Privilege Guard apart in terms of our ability to solve real challenges when implementing least privilege. Our experience in delivering successful projects to some of the world's largest organizations has helped us understand what is important; ensuring that users are given a seamless, hassle-free and productive experience when logged on as a standard user.