|
what, nothing about applocker/SRPs on Windows?
|
# ¿ Oct 22, 2015 08:32 |
|
|
# ¿ May 3, 2024 10:54 |
|
Wiggly Wayne DDS posted:Advice on that is just going to lead to people breaking their own systems, but it should be talked about of course. The default applocker policies on 8.1 don't break the OS, and will prevent a lot of malware running itself from the usual locations in %userprofile%.
|
# ¿ Oct 22, 2015 08:42 |
|
galahan posted:http://snailsuite.com/ I'd be more inclined to treat a 3rd party driver installer tool as a security threat than anything else.
|
# ¿ Aug 29, 2016 03:49 |
|
Arsten posted:He's still making SpinRite? Why is he still making SpinRight? Probably because people keep paying for it.
|
# ¿ Aug 29, 2016 04:36 |
|
Samizdata posted:Also, as far as expertise goes, I think it makes more sense to stick with a company that specializes in AV as opposed to it being yet another in a line of products. Malcolm XML posted:Win 10 supersedes emet iirc
|
# ¿ Oct 8, 2016 11:01 |
|
might also be worth checking if it's configured for AMT remote management too. If AMT is enabled, you may be able to reset or disable it in the BIOS/UEFI settings.
|
# ¿ Jul 24, 2017 04:33 |
|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8475 "A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files. An attacker who successfully exploited the vulnerability could execute arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to download an image file." That's a vague description - does anyone have any specific info on how this one actually works? The CVE database entry doesn't have anything public yet.
|
# ¿ Sep 12, 2018 03:10 |
|
|
# ¿ May 3, 2024 10:54 |
|
I'm sort of hoping that it is something exciting like "any image loaded in any application, including any web browser, triggers this RCE".
|
# ¿ Sep 12, 2018 03:24 |